Elli2010 | 18.10.2010 13:57 | In der Zwischenzeit habe ich alle Schritte befolgt, die man laut "Selbshilfe" tun soll.
1. Schritt: erunt.exe ausgeführt
2. schritt:Malwarebytes Anti Malware ausgeführt.7 Objekte wurden gefunden und beseitigt. 2.Suchlauf war ohne Befund.
3. Schritt: defogger Logfile erstellt
4. Schritt: Gmer.exe ausgeführt. "Gmer hasn`t found any Modification"lautete das Ergebnis
5. Schritt: OTL.exe ausgeführt, OTL.txt und Extras.txt sind erstellt. OTL.txt:
[SIZE="2"] OTL Logfile: Code:
OTL logfile created on: 18.10.2010 13:16:24 - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Dokumente und Einstellungen\Inke\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 638,00 Mb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 16,95 Gb Free Space | 57,86% Space Free | Partition Type: NTFS
Drive D: | 63,86 Gb Total Space | 48,65 Gb Free Space | 76,17% Space Free | Partition Type: NTFS
Computer Name: IS | User Name: Inke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ==========
PRC - [2010.10.18 10:26:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Inke\Desktop\MFTools\OTL.exe
PRC - [2010.01.26 19:19:44 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2009.12.28 14:53:59 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.18 11:16:30 | 000,110,592 | ---- | M] (Apple, Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007.04.23 04:00:00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2007.04.11 15:32:22 | 000,056,080 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\Logitech\KhalShared\KHALMNPR.exe
PRC - [2007.01.12 04:12:18 | 000,244,512 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe
PRC - [2007.01.12 04:09:28 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2006.06.27 17:21:14 | 001,449,984 | ---- | M] (Time Information Services Ltd.) -- C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2006.06.15 13:36:18 | 000,229,376 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2006.06.09 11:37:18 | 000,471,552 | ---- | M] (Nokia Corporation) -- C:\Programme\Gemeinsame Dateien\Nokia\MPAPI\MPAPI3s.exe
PRC - [2006.06.05 14:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
PRC - [2004.12.14 02:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.exe
PRC - [2003.06.20 08:01:12 | 000,356,352 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\ZCfgSvc.exe
PRC - [2003.06.20 07:56:06 | 000,184,320 | ---- | M] (Intel) -- C:\WINDOWS\system32\1XConfig.exe
PRC - [2003.06.20 07:55:22 | 000,303,171 | ---- | M] (Intel Corporation ) -- C:\WINDOWS\system32\S24EvMon.exe
PRC - [2003.06.20 07:54:18 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\RegSrvc.exe
PRC - [2003.06.11 00:07:46 | 000,147,456 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2003.02.26 12:08:42 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2002.04.12 02:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE
PRC - [2001.12.13 02:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE
PRC - [2001.02.23 11:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
========== Modules (SafeList) ==========
MOD - [2010.10.18 10:26:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Inke\Desktop\MFTools\OTL.exe
MOD - [2010.10.14 17:59:49 | 000,049,152 | -H-- | M] () -- C:\WINDOWS\system32\brrbgoff.dll
MOD - [2010.08.23 18:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.07.25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008.07.25 11:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2008.04.14 04:22:31 | 000,199,168 | ---- | M] () -- C:\WINDOWS\uheyejej.dll
MOD - [2008.04.14 04:22:23 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\opengl32.dll
MOD - [2008.04.14 04:22:10 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\glu32.dll
MOD - [2008.04.14 04:22:08 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll
MOD - [2008.04.14 04:22:08 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.04.13 20:36:47 | 002,981,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2007.04.23 04:00:00 | 000,045,568 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\SetPoint\lgscroll.dll
MOD - [2004.12.14 03:29:24 | 000,030,208 | ---- | M] (Adobe Systems, Inc.) -- C:\Programme\Adobe\Adobe Acrobat 7.0\ActiveX\pdfshell.DEU
========== Win32 Services (SafeList) ==========
SRV - [2008.04.06 15:21:54 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2008.02.18 11:16:30 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006.06.05 14:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.04.06 16:53:02 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)
SRV - [2003.06.20 07:55:22 | 000,303,171 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\WINDOWS\system32\S24EvMon.exe -- (S24EventMonitor)
SRV - [2003.06.20 07:54:18 | 000,122,880 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\RegSrvc.exe -- (RegSrvc)
SRV - [2003.04.29 15:29:54 | 000,139,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2002.04.12 02:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)
SRV - [2001.02.23 11:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LVcKap.sys -- (LVcKap)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2008.01.24 22:52:53 | 000,014,037 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2008.01.24 22:21:52 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2007.04.11 16:33:14 | 000,028,688 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 16:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 16:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2005.11.02 21:24:42 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003.07.29 15:13:00 | 000,587,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.07.03 16:59:06 | 000,189,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2003.07.03 16:56:58 | 000,631,680 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003.07.03 16:55:48 | 001,063,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003.06.20 07:54:04 | 000,010,970 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2003.06.10 22:35:58 | 000,093,700 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003.05.21 19:47:12 | 000,175,360 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003.04.25 18:10:52 | 000,220,176 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2002.11.22 21:01:26 | 000,020,096 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2002.11.08 14:13:50 | 000,020,579 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (O2SCBUS)
DRV - [2002.10.09 11:20:52 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
DRV - [2002.05.13 19:59:20 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2000.07.24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{99C27F9A-4BF3-4BEE-9D17-A701613B2217}: C:\Dokumente und Einstellungen\Inke\Lokale Einstellungen\Anwendungsdaten\{99C27F9A-4BF3-4BEE-9D17-A701613B2217} [2010.10.14 18:01:40 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (no name) - {ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Version Cue CS2] C:\Programme\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [Hdixosama] C:\WINDOWS\uheyejej.DLL ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [PRONoMgr.exe] C:\Programme\Intel\NCS\PROSet\PRONoMgr.exe (Intel(R) Corporation)
O4 - HKCU..\Run: [PcSync] C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201362824509 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201363196123 (MUWebControl Class)
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/3661/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\Sebring: DllName - C:\WINDOWS\system32\LgNotify.dll - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.20 22:22:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.03.02 08:40:47 | 006,549,689 | ---- | M] () - D:\auto_rattenloch.psd -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: arpdsvr - (C:\WINDOWS\system32\brrbgoff.dll) - C:\WINDOWS\system32\brrbgoff.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (15776153612582912)
========== Files/Folders - Created Within 90 Days ==========
[2010.10.18 10:40:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.10.18 10:37:56 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.10.18 10:28:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Inke\Anwendungsdaten\Malwarebytes
[2010.10.18 10:28:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.10.18 10:28:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.10.18 10:28:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.10.18 10:28:15 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.10.18 10:27:02 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.10.18 10:25:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Inke\Desktop\MFTools
[2010.10.14 18:01:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Inke\Lokale Einstellungen\Anwendungsdaten\{99C27F9A-4BF3-4BEE-9D17-A701613B2217}
[2010.10.14 17:59:48 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Settings
[2010.10.10 12:27:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.09.25 11:02:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Inke\Anwendungsdaten\InstallShield
[2010.08.12 12:09:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Inke\Eigene Dateien\AdobeStockPhotos
[2009.06.16 14:03:56 | 000,126,976 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.SHDocVw.dll
========== Files - Modified Within 90 Days ==========
[2010.10.18 13:00:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.18 11:48:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.18 11:48:35 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.10.18 11:48:22 | 000,002,343 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
[2010.10.18 11:48:18 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.18 11:48:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.18 11:46:44 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\defogger_reenable
[2010.10.18 11:28:52 | 000,183,808 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Ergebnis_Malwarebytes18102010.doc
[2010.10.18 10:37:57 | 000,000,591 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\NTREGOPT.lnk
[2010.10.18 10:37:57 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\ERUNT.lnk
[2010.10.18 10:31:20 | 000,471,680 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.18 10:31:20 | 000,450,520 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.18 10:31:20 | 000,090,242 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.18 10:31:20 | 000,074,990 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.18 10:28:20 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.18 10:26:51 | 000,285,230 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Gmer.zip
[2010.10.18 10:26:51 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\defogger.exe
[2010.10.18 10:23:14 | 000,388,977 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Load.exe
[2010.10.18 08:27:54 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Ixamofezipaha.dat
[2010.10.18 02:45:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Axitabefogufage.bin
[2010.10.15 18:05:50 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\gmer.exe
[2010.10.15 11:16:13 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.10.14 17:59:49 | 000,049,152 | -H-- | M] () -- C:\WINDOWS\System32\brrbgoff.dll
[2010.10.14 13:43:08 | 000,134,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.14 10:43:04 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.10.13 10:08:00 | 000,034,650 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Eppendorf_18.10.-24.10.10.pdf
[2010.10.06 11:31:00 | 000,034,285 | ---- | M] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Eppendorf_11.10.-17.10.10.pdf
[2010.09.25 11:03:43 | 000,001,645 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech-Maus- und -Tastatureinstellungen.lnk
[2010.09.25 11:02:58 | 000,001,651 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
========== Files Created - No Company Name ==========
[2010.10.18 11:50:35 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\gmer.exe
[2010.10.18 11:46:44 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\defogger_reenable
[2010.10.18 11:28:51 | 000,183,808 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Ergebnis_Malwarebytes18102010.doc
[2010.10.18 10:37:57 | 000,000,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\NTREGOPT.lnk
[2010.10.18 10:37:57 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\ERUNT.lnk
[2010.10.18 10:28:20 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.18 10:26:19 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\defogger.exe
[2010.10.18 10:26:02 | 000,285,230 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Gmer.zip
[2010.10.18 10:23:13 | 000,388,977 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Load.exe
[2010.10.14 18:01:43 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ixamofezipaha.dat
[2010.10.14 18:01:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Axitabefogufage.bin
[2010.10.14 17:59:49 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\brrbgoff.dll
[2010.10.14 17:59:47 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\ldcpfk.dat
[2010.10.13 10:08:00 | 000,034,650 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Eppendorf_18.10.-24.10.10.pdf
[2010.10.06 11:31:00 | 000,034,285 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Desktop\Eppendorf_11.10.-17.10.10.pdf
[2010.09.25 11:03:43 | 000,001,645 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech-Maus- und -Tastatureinstellungen.lnk
[2010.09.25 11:02:58 | 000,001,651 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
[2009.06.28 20:31:18 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2009.06.28 20:31:18 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2009.06.28 20:31:18 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2009.06.28 20:31:18 | 000,000,137 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009.06.28 20:31:18 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_1430.ini
[2009.06.28 20:31:18 | 000,000,039 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2009.06.28 20:31:18 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009.06.28 20:31:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\BROHL143.INI
[2009.06.28 20:31:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.06.28 20:31:16 | 000,013,109 | ---- | C] () -- C:\WINDOWS\HL-1430.INI
[2009.06.28 20:31:11 | 000,000,453 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.06.28 20:31:11 | 000,000,026 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.06.28 20:31:10 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2009.06.16 14:03:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dossec.dll
[2008.05.29 14:00:21 | 000,009,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Inke\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.29 09:09:09 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\hpgt34.dll
[2008.05.29 09:05:48 | 000,048,205 | ---- | C] () -- C:\WINDOWS\System32\drivers\lcoinst.ini
[2008.01.24 23:11:19 | 000,086,016 | R--- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008.01.24 23:10:52 | 000,757,760 | R--- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008.01.24 23:08:41 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2008.01.24 22:23:06 | 000,052,858 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys
[2008.01.24 22:22:24 | 000,027,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2008.01.21 23:49:07 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.01.21 22:49:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2008.01.20 22:12:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.12.07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2004.08.04 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\uheyejej.dll
[2003.06.20 08:00:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\C1XStngs.dll
[2002.12.04 11:57:00 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2002.12.04 11:57:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
========== LOP Check ==========
[2009.12.26 14:40:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2009.12.26 14:41:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.12.26 14:54:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Inke\Anwendungsdaten\Nokia
[2009.12.26 14:54:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Inke\Anwendungsdaten\Nokia Multimedia Player
[2009.09.14 08:22:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Inke\Anwendungsdaten\Opera
[2009.12.26 14:40:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Inke\Anwendungsdaten\PC Suite
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2008.01.20 22:22:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008.01.20 22:16:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2004.08.04 14:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2008.01.20 22:22:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008.01.20 22:22:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.01.20 22:22:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004.08.04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009.02.28 21:15:55 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010.10.18 11:48:05 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2006.04.18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006.06.29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006.04.18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006.06.29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2008.01.20 22:22:14 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2002.10.28 02:02:00 | 000,028,368 | ---- | M] (Brother Industries ,Ltd ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BRPP2KA.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.06.16 14:03:58 | 000,053,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\dossec.dll
[2009.06.16 14:03:56 | 000,126,976 | ---- | M] ( ) Unable to obtain MD5 -- C:\WINDOWS\system32\Interop.SHDocVw.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.20 23:10:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.01.20 23:10:29 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.01.20 23:10:28 | 000,430,080 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\user32.dll /md5 >
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008.04.14 04:22:32 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=6A35E2D6F5F052C84EC2CEB296389439 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2008.04.14 04:22:32 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C7D8A0517CBF16B84F657DE87EBE9D4B -- C:\WINDOWS\system32\ws2help.dll
< MD5 for: EXPLORER.EXE >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-14 08:43:13
< End of report > --- --- --- Extra.txt:
[SIZE="1"]OTL Logfile: Code:
OTL Extras logfile created on: 18.10.2010 13:16:24 - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Dokumente und Einstellungen\Inke\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 638,00 Mb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 16,95 Gb Free Space | 57,86% Space Free | Partition Type: NTFS
Drive D: | 63,86 Gb Total Space | 48,65 Gb Free Space | 76,17% Space Free | Partition Type: NTFS
Computer Name: IS | User Name: Inke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{181934AF-3E7B-450D-804F-2B812E018ED1}" = Intel(R) PROSet
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{46548E80-0407-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{5C77E45B-9B11-40F0-81A5-1CBF192782F2}" = ATW
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7959721D-8268-4565-9E0E-C41A9F4848A9}" = SigmaTel AC97 Audio-Treiber
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9BD3BC83-C14A-4C54-A5FB-F43D93D5E4EF}" = Nokia Connectivity Cable Driver
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E1B34BF3-6333-47DC-AD85-D89A95829478}" = Nokia PC Suite
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Brother HL-1430" = Brother HL-1430
"C988931A08278BCA99C447BBDEEA229CC8656E50" = Windows Driver Package - Nokia Modem (07/24/2006 6.81.0.23)
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.9x Modem
"ERUNT_is1" = ERUNT 1.1j
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.09.2010 13:40:48 | Computer Name = IS | Source = Google Update | ID = 20
Description =
Error - 23.09.2010 16:15:26 | Computer Name = IS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.09.2010 15:35:26 | Computer Name = IS | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application outlook.exe, version 10.0.2616.0, faulting module
outllib.dll, version 10.0.2627.0, fault address 0x00055727.
Error - 05.10.2010 12:12:15 | Computer Name = IS | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, stamp 49b3ad2e,
faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address
0x0346a611.
Error - 17.10.2010 07:36:25 | Computer Name = IS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 17.10.2010 07:36:28 | Computer Name = IS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 17.10.2010 16:08:50 | Computer Name = IS | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, stamp 49b3ad2e,
faulting module urlmon.dll, version 8.0.6001.18968, stamp 4c89c68c, debug? 0, fault
address 0x000294f6.
Error - 17.10.2010 16:09:37 | Computer Name = IS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 17.10.2010 16:22:01 | Computer Name = IS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OUTLOOK.EXE, Version 10.0.2616.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 18.10.2010 03:59:52 | Computer Name = IS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 18.10.2010 04:31:03 | Computer Name = IS | Source = Service Control Manager | ID = 7034
Description = Dienst "RegSrvc" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 18.10.2010 04:31:03 | Computer Name = IS | Source = Service Control Manager | ID = 7034
Description = Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 18.10.2010 04:31:03 | Computer Name = IS | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 18.10.2010 04:31:06 | Computer Name = IS | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 18.10.2010 04:33:55 | Computer Name = IS | Source = DCOM | ID = 10010
Description = Der Server "{601AC3DC-786A-4EB0-BF40-EE3521E70BFB}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 18.10.2010 04:37:29 | Computer Name = IS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 18.10.2010 05:31:30 | Computer Name = IS | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume1" ist im
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
wurde angehalten.
Error - 18.10.2010 05:32:58 | Computer Name = IS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 18.10.2010 05:32:58 | Computer Name = IS | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 18.10.2010 05:49:48 | Computer Name = IS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
< End of report > --- --- ---
XXXXXX Inhalt von mbam-log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4867
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
18.10.2010 11:42:52
mbam-log-2010-10-18 (11-42-52).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 136855
Laufzeit: 6 Minute(n), 33 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
XXXX defogger_disable:
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
XXXX
Das sind die angeforderten Reports.
Was haben die zu bedeuten?
Vielen Dank. |