| |  Fehler beim Laden von C:Windows\system32\sshnas.dll
 Hallo Community,
wie schon in der Überschrift geschrieben kommt jedes mal nach starten meines PCs diese Fehlermeldung: Fehler beim Laden von C:Windows\system32\sshnas.dll.
Ich bekomm die Fehlermeldung bestimmt schon seid über einem halben Jahr, dachte aber immer, dass das nix schlimmes ist, weil ja schließlich noch alles funktioniert hat(Bin ein Computeranalphabet, habt Nachsicht).
Heute hab ich aber mal diese Meldung gegoogelt und heraus gefunden das es sich dabei um einen Trojaner handelt. Viele hatten das Problem nur bin ich nicht wirklich auf eine Lösung gestoßen, deswegen schreib ich hier einfach mal rein.
Hab einen Quick Scan mit Malwarebytes Anti-Malware gemacht. (Wollte eigentlich einen vollständigen machen, nur bekomm ich nach ca. 2 Stunden Scan einen Bluescreen)
Nach dem Quick Scan wurden vier Dateien in Quarantäne gestellt und seitdem bekomm ich die Fehlermeldung auch nicht mehr. Hab aber hier gelesen, dass das nicht unbedingt was heißen muss.
Hier der Report vom Quick Scan: Zitat: Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.12.24.03
Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 8.0.6001.19088
Jan Gerdes::JANGERDES-PC [Administrator]
Schutz: Aktiviert
24.12.2012 11:50:45
mbam-log-2012-12-24 (11-50-45).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 306562
Laufzeit: 6 Minute(n), 41 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 3
HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|LosAlamos (Trojan.FakeAlert) -> Daten: rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
|
Dann hab ich mir auch den Defogger runtergeladen und ausgeführt und danach dann den OTL.
Hier dann einmal die beiden Dokumente(Ich wollte eigentlich nen Link senden, nur klappt das nicht so ganz):
Extras.Txt: Zitat:
OTL Extras logfile created on: 25.12.2012 14:53:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jan Gerdes\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 45,72% Memory free
8,18 Gb Paging File | 5,76 Gb Available in Paging File | 70,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,61 Gb Total Space | 260,88 Gb Free Space | 44,62% Space Free | Partition Type: NTFS
Drive D: | 11,56 Gb Total Space | 1,56 Gb Free Space | 13,46% Space Free | Partition Type: NTFS
Drive E: | 680,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 962,70 Mb Total Space | 585,77 Mb Free Space | 60,85% Space Free | Partition Type: FAT
Computer Name: JANGERDES-PC | User Name: Jan Gerdes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C5DCB0-1C9A-45CF-80CF-8A4D7DD290B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B001F0C-526A-4F65-AA04-A9E2ADDD150B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0B9E809A-063E-43AB-8FB2-E52239FB9724}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0BE1D342-6193-4F36-8F12-7EC71D6D91F8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AD0B7E0-AF70-479F-A0D9-DE615954DB41}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{275A99B2-E617-4C00-A131-65332B23D407}" = rport=137 | protocol=17 | dir=out | app=system |
"{2DDA9833-13AC-4716-8FA9-B65D15CE2856}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{343CC9F5-E601-48A1-800D-BD59ED7564A9}" = lport=3390 | protocol=6 | dir=in | app=system |
"{35098093-F358-4765-A509-83F4F4EEBE88}" = rport=10243 | protocol=6 | dir=out | app=system |
"{391EEF56-2734-4B76-82F2-EFE78FC117D7}" = rport=139 | protocol=6 | dir=out | app=system |
"{3A155512-274E-4ADA-9708-348EA7D7195A}" = lport=139 | protocol=6 | dir=in | app=system |
"{3A34B94A-0894-42A2-AF2C-149C36F7AABE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40815467-0FF6-4826-8FF9-0C3E2786FD39}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{41F0201C-2BC9-4D77-8B62-289AF5B31A10}" = lport=10244 | protocol=6 | dir=in | app=system |
"{4903408F-0778-484C-A52A-CB1AE74C401B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4D287E3D-08A4-4F8A-8DD6-AC62A93C0150}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{61460E83-1C30-4F50-A305-B2363B4006BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{61F41127-D97D-4980-B43E-1B3C0FE22979}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6387FCD3-B462-4904-A0A2-CEE952531A28}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{670FA5D8-F7A0-4F1D-BFC4-6CC5CF1CA523}" = lport=138 | protocol=17 | dir=in | app=system |
"{6CF24E5F-570A-4E6A-BC7E-259B4E126967}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6FDF9A9B-96B4-4D02-A76A-2F9FA1AB1879}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{738E2288-7F1C-4C31-B7F1-556B57FDF5BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{791B50B2-07F0-4112-9AB7-81BF130F0133}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E621995-74FB-421C-8231-5205A6019784}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{80285907-1A41-48E3-B108-97C0F300DFB5}" = lport=445 | protocol=6 | dir=in | app=system |
"{82A13071-B01B-426E-8975-36A6E569E016}" = lport=3390 | protocol=6 | dir=in | app=system |
"{842BB45D-577B-407D-8B03-3E1885228F35}" = rport=138 | protocol=17 | dir=out | app=system |
"{845BBEDD-AF03-46C0-85C6-EB02502ACF75}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86510686-8795-451F-A0E0-A202B6E12773}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{913D64D0-BAC5-4C98-81E6-F1411D22F092}" = lport=10244 | protocol=6 | dir=in | app=system |
"{96717B7D-FD30-47D4-A665-42D99FEC5106}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A26F061-B191-410C-9073-EE374529BDC8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9E1E12E9-AEA8-452F-9E3A-CDA486C4E79D}" = rport=10244 | protocol=6 | dir=out | app=system |
"{9E258E73-6892-42DD-A0DB-4FAF204B8EDF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A291CA8E-2D4C-43C6-BF5C-C999F3883E4C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A59F8968-75D4-4EA7-8003-C372BEB104F7}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A633A46C-19E6-4417-824D-E8532547AF40}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA57CE68-25BF-4C65-AC3C-374A3E4314D9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ABAAA1DB-43D6-4CB5-AB46-B08ACA49221E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B23EEFD3-5CBA-4EF5-85D6-7DEC05FA7637}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{B65AF21C-8A74-4881-8B21-CAE85F7DACFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D09C8F15-E2D7-4F94-AC46-5C93217F2531}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D46DEA2A-A9DF-4FC9-95BB-F1B91D49913D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9F04474-8578-4818-B7EB-BACF1B727155}" = rport=10244 | protocol=6 | dir=out | app=system |
"{E0A0D8D4-4747-421C-A279-FF6F493495CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA17F5E3-78D2-4B87-A324-9AE23703F992}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB0535B7-F939-457D-B3E5-0E725CAE00E2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EF745BB2-BDC9-4449-AED9-06B3DAEC5A26}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD2A7280-5A6F-4F28-A145-D5894E144D4C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002F252D-C187-4F1D-B458-D22C4270E406}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{00C64CC4-6891-4494-9113-F6795E10AA52}" = protocol=17 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat - demo\crashtime4low.exe |
"{02404206-D8D7-427A-9F99-2E5E31B460C8}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"{024FE40D-5E00-4265-B9B5-A1293DDFC9B6}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{02CD1318-0FD9-4BD4-B4EC-6A5E3617097A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{0B586977-0421-4DB4-A2AC-F024B1E86918}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\game.exe |
"{0B8E523C-16CA-47F9-9948-7DBD7C29DB81}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{11B808D5-20D1-497C-AC45-40C473962F03}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{1534B867-4F28-46D4-8E74-F844E17F9A7E}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{168855BB-D397-462D-953D-40AE8DE7B067}" = protocol=17 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat\crashtime4hi.exe |
"{17E1C646-A914-4630-A6D5-8C26C2B6D85F}" = protocol=6 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat - demo\crashtime4hi.exe |
"{1AB2B977-337F-4AE8-A9FC-93CD04CBCBF0}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{1DD3A32B-79A4-4E2A-9FD6-2AC85090158B}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{209C0385-301E-411F-8014-778929AF1535}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"{211C8BFA-BF02-4AFA-8923-8EC0CB400728}" = protocol=17 | dir=in | app=c:\users\jan gerdes\downloads\sweetimsetup.exe |
"{215D63D8-7E98-4B4E-A744-74C42EFB1D4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{215FE5FD-8C6D-47EF-B1A0-E9E7F1F8C296}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{288D1A32-062C-4ABE-8E08-F5C37BF96046}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator 2011\iupdate.dll |
"{3154FAE1-6443-4B5F-A0BC-5865AAC4DEAA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{354F333D-D8B4-4906-AF24-110057B33633}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{367C2234-A8F7-4A9E-A6B8-96B9DD515E42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CD35116-2B06-4DB2-81FC-8651FAD247B8}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{3D1E8FDB-BA2E-43BC-BA51-378FB7DE5618}" = protocol=6 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat\crashtime4hi.exe |
"{3EB8046E-CCC5-4865-9FBD-69FF745F72EA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3F659DE7-E12D-4516-B139-FC3C664760BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{415137B8-0AF1-4027-BAF7-D43D2D9A1700}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator bga 2011\farm.bga.dll |
"{4380149A-5F81-4078-A2CD-AE00CF6F47A1}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator 2011\iupdate.dll |
"{43BCA487-901F-4B38-99E2-CB31A6087359}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"{47EB364C-74FB-43A5-A27B-615E376EA723}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator bga 2011\iupdate.dll |
"{495ADF8A-7770-4568-982E-F8FBA8C9E237}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49D5D44D-E042-4FC5-BAD1-FA99FD6F1B89}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4A1970D7-B6C3-42CA-A89E-58351914EBD1}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{4B5EE28C-ABD3-4C47-B938-00E8016D1659}" = protocol=6 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat\crashtime4low.exe |
"{4C80DEFB-820C-4BB7-BE59-7E2D7E56F325}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{50216335-5B8D-4861-BE9A-A537DD79C726}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{504FE0EB-AAA2-4296-A28D-8215176B5FBC}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{5B50A988-AD20-4D57-8253-C6FE4668F41D}" = protocol=6 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat - demo\crashtime4low.exe |
"{607E0281-12A5-49C1-B677-B519F1FB1234}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61FFDD5D-1B6D-4A56-9C94-F2DBE6677539}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{63E849B5-533D-4FA1-A87F-CB41DC5D1FF5}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriverlauncher.exe |
"{6DE5B49F-FFA0-4C54-8F42-1EB0F228727E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6FB68DED-F0A3-4DA1-A1E7-FCF9BA0F87DD}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{724B00FF-6E77-45D4-B441-2414D3D06717}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator bga 2011\iupdate.dll |
"{7504CFC7-3185-48F0-8B6C-51A49F9A7918}" = dir=in | app=c:\users\jan gerdes\documents\the war z\warz.exe |
"{7A105F6C-14C0-4381-8180-1AF726C7870C}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator bga 2011\farm.bga.dll |
"{7B8FE7DA-40FB-4EC6-B357-27DADB80067A}" = protocol=6 | dir=in | app=c:\users\jan gerdes\downloads\sweetimsetup.exe |
"{845B67BC-696E-4970-B3B7-3541A9595ED6}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold\stronghold.exe |
"{88180D26-3D26-4A49-B7EA-69FCBE4FBD88}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011\game.exe |
"{8AB31BC2-52AE-41D9-AA92-24EB0CA375B6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8E73EFDD-11AD-4D32-B96A-9DC7C1255005}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F54491A-A1AA-4970-B9D9-0B035031F90D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{917F2F79-E0B1-49DF-8007-AF79C063BC27}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{95C187C0-CC4F-4E28-B19F-6369C184F5C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{995EFC1F-9742-4568-AFA6-2455DB99B7FC}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{995F6F94-0015-4AAC-8F5D-4F99B88D4259}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{9BBB4764-067D-4A2B-8418-877D25E2A77D}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator 2011\farm.dll |
"{A03CBC52-93A2-41C1-B95B-C0C94B6807F2}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold\stronghold.exe |
"{A2A2D2AF-63A7-46F6-A2A3-06458961E7EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A89D79E7-9662-4EDA-945E-05738F881DF1}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{A9AC29AF-AF4C-4398-A08E-64434BE5F848}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AAABD9BB-80E4-4551-A6D0-30DB6C062765}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{AB0777CF-6B0F-4B1F-AFA7-610F8B99F17E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B45CDF71-EE5F-45E0-811B-3F250BB05037}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C1B9C75B-6F6D-49CA-AB0D-CCAA25603F05}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C6CDB16B-7367-46F1-8DF3-0BEAEF734685}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C793082A-93A1-4EE3-862E-66C72CE8D342}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C96ED7B9-50EF-46A4-B71D-1FCB3F8C84D0}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"{CA4FD3D2-3BFD-426F-8B63-CC3AF15D2D32}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CB6EA4EE-DD22-4A73-B64D-AC4BD65FA34D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CB822875-499A-4E55-B46F-58A243B2D497}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{D2881552-957B-4857-B61E-B78A0C875256}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D781F8BE-E28E-4AF9-AA9E-00EF83620C6E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D85BD06D-4FFD-439A-A372-B0A945E9A1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"{DC296A6C-2C76-418A-B736-3DD95A082F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{DD7D84AF-87F4-4CCE-870B-A748924B5F14}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDE4575D-FB29-4455-BDA7-E3227BE2FAB8}" = protocol=6 | dir=out | app=system |
"{E050F5B9-A8A8-4A2B-BF5C-645B233B6161}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriverlauncher.exe |
"{E19EF93B-1CFC-4A88-9BBE-C32CFB72D4EE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E4C4B3F4-7BD1-4FD4-B869-FBF084AEC726}" = protocol=17 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat\crashtime4low.exe |
"{E6084A9D-A738-4B9E-8DAC-C6FB12834CC0}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{E6AAD340-FC68-4736-8480-3AEFEA2CDF70}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E96238B4-C44A-420E-AEB9-26B33532D29F}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\operation flashpoint red river\redriver.exe |
"{EA537C96-F897-4E17-94B2-F74CA1E1BA0D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EA9D5AB4-725B-4DCC-95E7-B87E5CEB9D17}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{EB8D1273-A553-47D2-9B40-45A4571AD041}" = protocol=17 | dir=in | app=c:\program files (x86)\alarm für cobra 11 - das syndikat - demo\crashtime4hi.exe |
"{F07B13CD-49D6-44F9-8D95-7B4DF44E0A31}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator 2011\farm.dll |
"{F2016D04-D573-4520-8FB6-8B5559D77C73}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD58C3F2-E35B-4F3F-BF38-6E6304D66EB5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{18A0CFB2-9D2B-4269-AE37-E7C642EFD2F2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{8A8B1A4C-A0BC-4E4C-9C6A-C6170C061701}C:\users\jan gerdes\desktop\pc-spiele\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\jan gerdes\desktop\pc-spiele\left 4 dead 2\left4dead2.exe |
"TCP Query User{8D641396-D862-476D-B152-4AF19846C0E9}C:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe |
"TCP Query User{A0495165-064F-4CC0-A9B9-740285741FA4}C:\users\jan gerdes\desktop\1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\jan gerdes\desktop\1.6\hl.exe |
"TCP Query User{CC292F5A-80DA-4B7F-8816-564EE88B1602}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"UDP Query User{476194D9-0C60-42AF-9504-132087836D3E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{6A68EAA0-15D9-4421-A202-28ADFC752821}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"UDP Query User{9D8A6D64-0509-42FB-BBD6-8364029EF712}C:\users\jan gerdes\desktop\1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\jan gerdes\desktop\1.6\hl.exe |
"UDP Query User{CD915A09-2735-466A-BAEB-349746B18A9F}C:\users\jan gerdes\desktop\pc-spiele\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\jan gerdes\desktop\pc-spiele\left 4 dead 2\left4dead2.exe |
"UDP Query User{F5238CF1-913C-424A-842F-D0D54549D0A3}C:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series" = Canon iP3600 series Printer Driver
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.3
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{404245D0-E836-4737-9C12-D4D0034540F5}_is1" = Free Countdown Timer 2.3.0
"{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"{434D083E-A4CC-401A-9E74-621000038101}" = OF: Red River
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{55DAC754-01F4-4EF8-9E23-6A1847862FBD}_is1" = Winterberg Configurator Version WEM Confi 8.5
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek
"{5F7ED0CD-E04E-4441-9E03-10AFDB654E96}_is1" = Werksfeuerwehr-Simulator Version 1.0
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901C0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B399BFBA-258C-4C01-B929-D0D0873FBC4B}" = TL-PA211 Powerline Utility
"{B6C2569C-E2AA-4AB9-8C26-AC2487A2BFFC}" = Sid Meier's Civilization 4
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{BDBA9828-200B-43A0-AB4F-82DABEE64F94}_is1" = LPS 2009v 3.0 USB
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{E040012F-A895-482E-87EF-D747ABB0F1D6}" = CADdy++ - SEE Electrical
"{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
"{E1476612-02D6-42A3-BDC1-E292B4115738}" = HP Easy Setup - Frontend
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EDA12670-56B5-4459-BA21-D010F0E3EBA1}" = Emergency 4 Deluxe
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}" = muvee autoProducer 6.1
"{Wegberg-Modifikation-5-0}_is1" = Feuer- und Notfallsimulation Wegberg Version 5.0
"1ClickDownload" = OnlineHDTV
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Alarm für Cobra 11 - Das Syndikat_is1" = Alarm für Cobra 11 - Das Syndikat
"Canon iP3600 series Benutzerregistrierung" = Canon iP3600 series Benutzerregistrierung
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Emergency 2012" = Emergency 2012 Deluxe
"Free Studio_is1" = Free Studio version 5.7.2.825
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.31.916
"GFWL_{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NetCologne" = NetCologne-Installationsdateien entfernen
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenAL" = OpenAL
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Real Heroes - Firefighter_is1" = Real Heroes Firefighter
"Stellar Phoenix Outlook PST Repair_is1" = Stellar Phoenix Outlook PST Repair v4.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"WinDSL" = WinDSL
"WinPcapInst" = WinPcap 4.1.1
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.12.2012 19:25:36 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:25:37 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:25:37 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:25:37 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:25:37 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:25:37 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:25:37 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 19:35:07 | Computer Name = JanGerdes-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6001.18164 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 734 Anfangszeit: 01cde0f5e219ee25 Zeitpunkt
der Beendigung: 0
Error - 23.12.2012 20:08:18 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23.12.2012 20:08:18 | Computer Name = JanGerdes-PC | Source = Windows Search Service | ID = 3013
Description =
[ Media Center Events ]
Error - 11.10.2012 08:29:22 | Computer Name = JanGerdes-PC | Source = Mcx2Dvcs | ID = 401
Description =
[ System Events ]
Error - 25.12.2012 08:26:04 | Computer Name = JanGerdes-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 25.12.2012 09:45:20 | Computer Name = JanGerdes-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 25.12.2012 09:48:43 | Computer Name = JanGerdes-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.12.2012 um 14:43:10 unerwartet heruntergefahren.
Error - 25.12.2012 09:48:46 | Computer Name = JanGerdes-PC | Source = HTTP | ID = 15016
Description =
Error - 25.12.2012 09:48:58 | Computer Name = JanGerdes-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\hardlock.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 25.12.2012 09:48:59 | Computer Name = JanGerdes-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 25.12.2012 09:49:22 | Computer Name = JanGerdes-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.12.2012 09:49:22 | Computer Name = JanGerdes-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.12.2012 09:50:09 | Computer Name = JanGerdes-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 25.12.2012 09:50:53 | Computer Name = JanGerdes-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
| OTL.Txt: Zitat:
OTL logfile created on: 25.12.2012 14:53:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jan Gerdes\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 45,72% Memory free
8,18 Gb Paging File | 5,76 Gb Available in Paging File | 70,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,61 Gb Total Space | 260,88 Gb Free Space | 44,62% Space Free | Partition Type: NTFS
Drive D: | 11,56 Gb Total Space | 1,56 Gb Free Space | 13,46% Space Free | Partition Type: NTFS
Drive E: | 680,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 962,70 Mb Total Space | 585,77 Mb Free Space | 60,85% Space Free | Partition Type: FAT
Computer Name: JANGERDES-PC | User Name: Jan Gerdes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.12.24 12:24:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan Gerdes\Downloads\OTL.exe
PRC - [2012.12.05 17:53:32 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.10.31 14:01:25 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.07 01:08:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011.10.16 17:08:56 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.05.24 11:22:44 | 002,033,488 | ---- | M] (Comfort Software Group) -- C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
PRC - [2011.02.25 20:54:00 | 000,046,592 | ---- | M] (AlcaTech) -- C:\Windows\SysWOW64\mmrtkrnl.exe
PRC - [2007.04.18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.12.05 17:53:31 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.04.24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011.04.24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011.04.24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011.04.24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011.04.24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011.04.24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011.04.20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
========== Services (SafeList) ==========
SRV:64bit: - [2008.05.08 00:29:38 | 000,122,880 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2012.12.05 17:53:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.31 14:01:25 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.07 01:08:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.16 17:08:56 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.20 19:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.07.27 19:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.02.03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.04.20 13:50:08 | 000,615,728 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF)
DRV:64bit: - [2011.03.10 17:36:24 | 000,029,488 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 12:23:28 | 000,011,864 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 12:23:24 | 000,460,888 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\kl1.sys -- (kl1)
DRV:64bit: - [2010.06.17 14:19:50 | 000,035,840 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.10.20 19:19:54 | 000,047,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.03.18 15:35:42 | 000,033,856 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.01.28 13:10:14 | 000,134,880 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\acedrv09.sys -- (acedrv09)
DRV:64bit: - [2008.05.10 02:58:09 | 000,140,288 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\RMCAST.sys -- (RMCAST)
DRV:64bit: - [2008.03.17 18:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\ckldrv.sys -- (NetworkX)
DRV:64bit: - [2008.01.21 03:51:07 | 000,016,384 | ---- | M] () [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2008.01.21 03:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2007.09.17 15:53:34 | 000,029,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.27 02:15:20 | 000,092,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV - [2010.11.28 20:30:12 | 000,018,048 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.12.26 13:40:19 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.03.31 09:39:36 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2006.11.28 21:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNMp50.sys -- (PDNMp50)
DRV - [2006.11.28 21:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNSp50.sys -- (PDNSp50)
DRV - [2004.07.14 12:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\hardlock.sys -- (Hardlock)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {45D381B0-F1F6-4B62-B4C4-FE6ECE08B149}
IE:64bit: - HKLM\..\SearchScopes\{45D381B0-F1F6-4B62-B4C4-FE6ECE08B149}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE:64bit: - HKLM\..\SearchScopes\{61131C64-FDD7-42E4-8A00-9BAC3634F08B}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{45D381B0-F1F6-4B62-B4C4-FE6ECE08B149}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\..\SearchScopes\{61131C64-FDD7-42E4-8A00-9BAC3634F08B}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.internetcologne.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8D4CDE90-8D36-4DE4-9375-A9741605B19D&apn_sauid=C2528B57-96C3-40C2-9841-E07D7A9D66E5
IE - HKCU\..\SearchScopes\{45D381B0-F1F6-4B62-B4C4-FE6ECE08B149}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\..\SearchScopes\{61131C64-FDD7-42E4-8A00-9BAC3634F08B}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = nc-gerdesfr@netcologne.de
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: moveplayer%40movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0034-ABCDEFFEDCBA%7D:6.0.34
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..keyword.URL: "hxxp://radiobar.toolbarhome.com/search.aspx?srch=ku&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 14:02:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.10.31 14:02:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 14:02:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 17:53:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.05 17:53:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 17:53:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.05 17:53:08 | 000,000,000 | ---D | M]
[2009.03.26 20:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\Extensions
[2012.12.15 13:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\Firefox\Profiles\i89zgydx.default\extensions
[2010.05.03 15:45:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\Firefox\Profiles\i89zgydx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.10.05 13:58:48 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\Firefox\Profiles\i89zgydx.default\extensions\moveplayer@movenetworks.com
[2012.10.22 11:42:46 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\firefox\profiles\i89zgydx.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.11.24 11:38:16 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\firefox\profiles\i89zgydx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.02 16:20:54 | 000,002,299 | ---- | M] () -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\firefox\profiles\i89zgydx.default\searchplugins\askcom.xml
[2010.03.04 18:16:00 | 000,000,881 | ---- | M] () -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\firefox\profiles\i89zgydx.default\searchplugins\conduit.xml
[2010.08.13 20:23:55 | 000,001,589 | ---- | M] () -- C:\Users\Jan Gerdes\AppData\Roaming\mozilla\firefox\profiles\i89zgydx.default\searchplugins\web-search.xml
[2012.12.05 17:52:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.12.05 17:52:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012.12.05 17:52:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.05 17:52:52 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2012.12.05 17:52:53 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2012.12.05 17:52:55 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2012.12.05 17:52:57 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
[2012.12.05 17:53:32 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009.07.31 19:06:54 | 000,089,600 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\Extras.dll
[2009.07.31 18:47:11 | 000,112,128 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\Movies.dll
[2012.08.25 03:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 03:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.25 03:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 03:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 03:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 03:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Realtime Audio Engine] C:\Windows\SysWow64\mmrtkrnl.exe (AlcaTech)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe File not found
O4 - HKCU..\Run: [FreeCT] C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe (Comfort Software Group)
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - Startup: C:\Users\Jan Gerdes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan Gerdes\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan Gerdes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan Gerdes\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan Gerdes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC43B4D4-EB47-4867-AC3F-B1CC51339A1E}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll ()
O24 - Desktop WallPaper: C:\Users\Jan Gerdes\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jan Gerdes\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - Unable to read "AutoRun" value or value not present!
O32 - AutoRun File - [2006.08.31 16:48:52 | 003,170,304 | R--- | M] () - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.01.23 13:34:28 | 000,000,045 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1205a735-08f0-11e0-8ebe-002215336a8b}\Shell - "" = AutoRun
O33 - MountPoints2\{1205a735-08f0-11e0-8ebe-002215336a8b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{343fbcfb-4d0e-11dd-bde4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{343fbcfb-4d0e-11dd-bde4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2006.08.31 16:48:52 | 003,170,304 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.24 11:49:40 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\AppData\Roaming\Malwarebytes
[2012.12.24 11:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.24 11:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.24 11:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.24 00:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.12.23 22:36:56 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\Desktop\DVD Video Soft
[2012.12.23 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\Desktop\Emergency
[2012.12.05 17:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.26 17:42:16 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\Documents\Arktos
[2012.11.26 17:42:16 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\AppData\Local\Arktos
[2012.11.26 17:42:15 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\AppData\Local\CrashRpt
[2012.11.26 17:17:53 | 000,000,000 | ---D | C] -- C:\Users\Jan Gerdes\Documents\The War Z
[2012.11.26 17:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The War Z
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jan Gerdes\*.tmp files -> C:\Users\Jan Gerdes\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.25 14:55:21 | 001,588,314 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.25 14:55:21 | 000,681,838 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.25 14:55:21 | 000,640,868 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.25 14:55:21 | 000,149,302 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.25 14:55:21 | 000,122,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.25 14:54:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9A904537-B371-47EE-A20C-594D18C043A0}.job
[2012.12.25 14:51:33 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.25 14:48:54 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 14:48:53 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 14:48:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.25 14:45:24 | 4293,386,240 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.25 14:26:02 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.24 22:12:56 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3A84B897-A39D-439C-8BDD-53E79D2401A0}.job
[2012.12.24 12:23:29 | 000,000,000 | ---- | M] () -- C:\Users\Jan Gerdes\defogger_reenable
[2012.12.24 12:00:53 | 000,002,615 | ---- | M] () -- C:\Users\Jan Gerdes\Desktop\Microsoft Office Word 2007.lnk
[2012.12.24 11:49:30 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.24 00:41:15 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.26 17:17:53 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\The War Z.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jan Gerdes\*.tmp files -> C:\Users\Jan Gerdes\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.24 12:23:29 | 000,000,000 | ---- | C] () -- C:\Users\Jan Gerdes\defogger_reenable
[2012.12.24 11:49:30 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.24 11:49:29 | 000,025,928 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.24 00:41:15 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.24 00:38:26 | 4293,386,240 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.26 17:17:53 | 000,000,799 | ---- | C] () -- C:\Users\Public\Desktop\The War Z.lnk
[2012.11.15 21:09:54 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\pg32conv.dll
[2012.11.15 21:09:54 | 000,030,793 | ---- | C] () -- C:\Windows\SysWow64\crtslv.dll
[2012.11.15 21:09:54 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\implode.dll
[2012.09.14 13:43:39 | 000,000,530 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.03.25 16:14:02 | 000,017,408 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Local\WebpageIcons.db
[2012.02.17 23:36:25 | 000,000,098 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Local\fusioncache.dat
[2012.02.17 23:34:09 | 001,566,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.10 18:43:20 | 000,055,356 | R--- | C] () -- C:\Users\Jan Gerdes\verkleinert.jpg
[2011.04.01 13:12:21 | 000,281,656 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.01 13:11:58 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.01.29 15:45:10 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.19 19:49:24 | 000,002,528 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Roaming\$_hpcst$.hpc
[2010.08.04 18:41:07 | 000,000,205 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Roaming\mdbu.bin
[2009.12.22 13:55:23 | 000,021,259 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Roaming\UserTile.png
[2009.03.29 10:35:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.03.01 13:57:52 | 000,003,072 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Roaming\wklnhst.dat
[2009.01.10 21:35:55 | 000,000,680 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Local\d3d9caps.dat
[2008.12.27 14:24:25 | 000,024,576 | ---- | C] () -- C:\Users\Jan Gerdes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011.01.21 16:56:31 | 012,898,304 | ---- | M] ()
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.03.03 05:53:36 | 000,891,392 | ---- | M] ()
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] ()
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2009.10.07 15:30:29 | 000,000,000 | -HSD | M] -- C:\Users\Jan Gerdes\AppData\Roaming\.#
[2012.06.26 19:20:06 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\.minecraft
[2012.06.19 17:59:42 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\AlcaTech
[2009.01.13 17:39:55 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Disney Interactive Studios
[2012.09.16 21:28:58 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\DVDVideoSoft
[2012.04.29 20:28:16 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.02 18:07:51 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Engelmann Media
[2010.08.01 10:53:54 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Feuerwache
[2010.12.03 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\GetRightToGo
[2010.08.12 09:55:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Leadertech
[2011.10.05 19:32:41 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\LeitSim4
[2010.02.05 17:53:12 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\lennox
[2009.03.03 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\muvee Technologies
[2011.02.20 18:38:46 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\My Games
[2012.12.25 15:03:38 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\NetSpeedMonitor
[2012.02.15 15:04:12 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\ObviousIdea
[2010.12.20 17:41:56 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\PC Suite
[2009.03.03 14:48:38 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\PlayFirst
[2011.01.23 14:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\ProtectDisc
[2011.04.01 13:11:47 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\PunkBuster
[2011.01.05 16:23:11 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\RigNRoll_ger
[2011.11.27 13:17:30 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Rovio
[2012.10.14 22:18:45 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Samsung
[2011.09.22 16:33:46 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Subversion
[2009.03.01 13:58:43 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Template
[2012.12.24 00:43:48 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\TS3Client
[2012.12.23 22:09:56 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\Ubisoft
[2011.03.04 09:56:55 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\WinBatch
[2012.09.15 22:26:13 | 000,000,000 | -HSD | M] -- C:\Users\Jan Gerdes\AppData\Roaming\wyUpdate AU
[2012.11.14 11:08:46 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\XnView
[2010.04.26 16:56:45 | 000,000,000 | ---D | M] -- C:\Users\Jan Gerdes\AppData\Roaming\YoudaGames
========== Purity Check ==========
< End of report >
|
Ich hoffe das ich nix vergessen hab und schonmal Danke im vorraus für die Hilfe.
Und wie oben schon geschrieben, bin ich nicht sonderlich bewandert was Computerwissen angeht, von daher wäre es nett wenn ihr ein bisschen Rücksicht nehmt 
Grüße Jan
PS: Frohe Weihnachten
|
25.12.2012, 15:31
Baum-Darstellung