Hallo!
War doch etwas mehr ...
SystemLook-Scan: Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 20:49 on 03/04/2013 by Stefan
Administrator - Elevation successful
========== filefind ==========
Searching for "*bProtector*"
C:\Windows\System32\Tasks\bProtector --a---- 3338 bytes [09:39 21/03/2013] [11:03 21/03/2013] 84BF1040ED7D58612A1691AD66F5131F
========== folderfind ==========
Searching for "*bProtector*"
C:\bProtectorForWindows d------ [08:56 18/09/2012]
C:\028400ff82ebe131fa4ddb\bProtectorForWindows d------ [15:51 23/11/2012]
C:\04f306920f957153640e166e24\bProtectorForWindows d------ [11:45 25/09/2012]
C:\1070ab2172b984fda4\bProtectorForWindows d------ [15:06 20/11/2012]
C:\144a34f9014e5a04ed565c636d\bProtectorForWindows d------ [12:26 11/09/2012]
C:\29bd94c6368a461105db\bProtectorForWindows d------ [07:54 28/07/2012]
C:\2c5bc8a548f55b6e74166070e2\bProtectorForWindows d------ [12:52 05/01/2013]
C:\37d7b130e47b51ef6ab1b4a7a893bda5\bProtectorForWindows d------ [15:29 21/09/2012]
C:\3ce31d4563a9032f7a1695dc91\bProtectorForWindows d------ [12:29 05/10/2012]
C:\41322c52a401c9771995\bProtectorForWindows d------ [12:03 04/09/2012]
C:\497c50009f4d943ea04e\bProtectorForWindows d------ [15:47 19/10/2012]
C:\4c95bf441978a49f4e959b9286\bProtectorForWindows d------ [13:57 17/07/2012]
C:\505d135c245ac49998\bProtectorForWindows d------ [15:48 19/10/2012]
C:\5079e70917c8c1ae1f\bProtectorForWindows d------ [09:52 18/01/2013]
C:\530ba9c8fad932f9358a1324\bProtectorForWindows d------ [16:57 15/07/2012]
C:\5d3cd820d23d38204b1f50803608\bProtectorForWindows d------ [17:13 07/12/2012]
C:\630dc4c59e58d39240234ae8\bProtectorForWindows d------ [16:57 16/11/2012]
C:\637779ce29fabb2b072e868c\bProtectorForWindows d------ [15:41 23/01/2013]
C:\6434b20709812de8465309a0de\bProtectorForWindows d------ [12:52 09/10/2012]
C:\72ee744f4ea283cefa9ea2\bProtectorForWindows d------ [18:33 18/10/2012]
C:\788a1c8d5697a210a7\bProtectorForWindows d------ [10:13 18/09/2012]
C:\7909414813e615744eac\bProtectorForWindows d------ [08:15 07/09/2012]
C:\79a538ecf621240df134\bProtectorForWindows d------ [11:13 26/07/2012]
C:\82d0d7a58f91d6f543d33d\bProtectorForWindows d------ [14:59 02/11/2012]
C:\86cc027f15c92c73789210e35360ba\bProtectorForWindows d------ [09:34 03/08/2012]
C:\87bfbef07d97463aaa26979f943585aa\bProtectorForWindows d------ [08:19 01/12/2012]
C:\87cb6e9bf70b6adda316d2a93226853a\bProtectorForWindows d------ [16:00 13/11/2012]
C:\9383f6469f2b42ffcc43bcc2\bProtectorForWindows d------ [13:06 20/07/2012]
C:\9448ee8ea0acdbb7f0d0217900\bProtectorForWindows d------ [16:04 09/11/2012]
C:\977b324f966c710b3a2ca9706a7b254d\bProtectorForWindows d------ [12:10 10/07/2012]
C:\a57ebd56f0ff7aea7d446a396bbb\bProtectorForWindows d------ [11:05 02/10/2012]
C:\a61cb58f46d80aaf6874a7ab8c609e\bProtectorForWindows d------ [13:44 01/08/2012]
C:\a9e57554d4565affc23c\bProtectorForWindows d------ [13:57 23/10/2012]
C:\ad7961677f5c4817098ff628804a\bProtectorForWindows d------ [19:58 03/01/2013]
C:\b3932403f1f740cef70ba005\bProtectorForWindows d------ [17:14 17/08/2012]
C:\b44e8dc639c80aeac0a076cb7e\bProtectorForWindows d------ [10:06 06/11/2012]
C:\c00f737d3b6ba838f4\bProtectorForWindows d------ [10:53 24/08/2012]
C:\c8615056f13303404f\bProtectorForWindows d------ [13:53 19/12/2012]
C:\d6b0378eabefe90263ce1478b92796\bProtectorForWindows d------ [19:11 30/12/2012]
C:\e2f4d2fbe0b96c60f45f0d\bProtectorForWindows d------ [07:07 30/08/2012]
C:\e486b76e32143330e605fbabdb\bProtectorForWindows d------ [11:57 28/09/2012]
C:\eceedb9faf0ada27dfc1d456fa\bProtectorForWindows d------ [09:13 06/09/2012]
C:\efb932a808458c293935c879f422d675\bProtectorForWindows d------ [16:38 08/01/2013]
C:\f24f6388f31fd1971adbb8\bProtectorForWindows d------ [17:03 16/11/2012]
C:\f2f891b9c806289f198083\bProtectorForWindows d------ [12:28 12/10/2012]
C:\f463bd2e88e7bd909ad379f4a1\bProtectorForWindows d------ [08:20 21/08/2012]
C:\fb2ce738514d20f2b6f3c6f8\bProtectorForWindows d------ [10:16 31/08/2012]
C:\fe1c11490544867598f939a27c8a0f\bProtectorForWindows d------ [13:55 30/10/2012]
C:\Fraps\bProtectorForWindows d------ [17:46 08/07/2012]
C:\GAMIGO\LastChaosGER\bProtectorForWindows d------ [14:32 09/07/2012]
C:\Program Files\Common Files\Mcafee\HackerWatch\bProtectorForWindows d------ [11:02 09/07/2012]
C:\Program Files\Common Files\Mcafee\McSvcHost\bProtectorForWindows d------ [11:00 09/07/2012]
C:\Program Files\EA Games\bProtectorForWindows d------ [17:29 17/08/2012]
C:\Program Files\EA Games\Need for Speed Underground 2\bProtectorForWindows d------ [10:13 22/08/2012]
C:\Program Files\EA Games\NFS Underground\bProtectorForWindows d------ [17:20 25/09/2012]
C:\Program Files\Electronic Arts\Need For Speed III\3dSetup\bProtectorForWindows d------ [18:06 09/11/2012]
C:\Program Files\Google\bProtectorForWindows d------ [16:21 26/11/2012]
C:\Program Files\Google\Picasa3\bProtectorForWindows d------ [18:49 22/09/2012]
C:\Program Files\Malwarebytes' Anti-Malware\bProtectorForWindows d------ [12:46 04/09/2012]
C:\Program Files\Maxis\Die Sims\bProtectorForWindows d------ [11:00 22/07/2012]
C:\Program Files\McAfee\MPF\bProtectorForWindows d------ [11:18 29/07/2012]
C:\Program Files\McAfee\MPS\bProtectorForWindows d------ [13:02 22/09/2012]
C:\Program Files\McAfee\MQS\bProtectorForWindows d------ [13:02 22/09/2012]
C:\Program Files\McAfee\MSC\bProtectorForWindows d------ [11:02 09/07/2012]
C:\Program Files\McAfee\SiteAdvisor\bProtectorForWindows d------ [10:09 22/07/2012]
C:\Program Files\McAfee\VirusScan\bProtectorForWindows d------ [11:02 09/07/2012]
C:\Program Files\McAfee.com\Agent\bProtectorForWindows d------ [11:02 09/07/2012]
C:\Program Files\PC Performer\bProtectorForWindows d------ [13:30 09/07/2012]
C:\Program Files\Samsung\Samsung New PC Studio\bProtectorForWindows d------ [14:33 22/09/2012]
C:\Program Files\T-Online\T-Online_Software_6\Banking\bProtectorForWindows d------ [19:25 21/09/2012]
C:\Program Files\T-Online\T-Online_Software_6\Browser\bProtectorForWindows d------ [18:47 22/09/2012]
C:\Program Files\TuneUp Utilities 2011\bProtectorForWindows d------ [15:07 30/07/2012]
C:\Program Files\Ubisoft\Detection\bProtectorForWindows d------ [09:35 11/09/2012]
C:\Program Files\Ubisoft\Register\bProtectorForWindows d------ [09:26 11/09/2012]
C:\ProgramData\bProtectorForWindows d------ [17:33 08/07/2012]
C:\ProgramData\Electronic Arts\Need For Speed World\bProtectorForWindows d------ [09:59 31/08/2012]
C:\ProgramData\T-Online\T-Online_Software_6\Basis-Software\update\clone\bProtectorForWindows d------ [19:25 21/09/2012]
C:\Team17\Worms 3D\bProtectorForWindows d------ [12:22 12/10/2012]
C:\Users\All Users\bProtectorForWindows d------ [17:33 08/07/2012]
C:\Users\All Users\Electronic Arts\Need For Speed World\bProtectorForWindows d------ [09:59 31/08/2012]
C:\Users\All Users\T-Online\T-Online_Software_6\Basis-Software\update\clone\bProtectorForWindows d------ [19:25 21/09/2012]
C:\Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\Aldi Süd Foto Service\bProtectorForWindows d------ [12:44 22/09/2012]
C:\Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\McAfee Online Backup\bProtectorForWindows d------ [09:13 02/10/2012]
C:\Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\bProtectorForWindows d------ [14:24 30/07/2012]
C:\Users\EMail und InterNet\AppData\Local\VirtualStore\Windows\bProtectorForWindows d------ [14:54 21/10/2012]
C:\Users\EMail und InterNet\Documents\Pfarrei Hl. Engel\bProtectorForWindows d------ [16:55 26/01/2013]
C:\Users\EMail und InterNet\Documents\Privat\bProtectorForWindows d------ [17:56 11/12/2012]
C:\Users\EMail und InterNet\Downloads\bProtectorForWindows d------ [12:42 05/01/2013]
C:\Users\EMail und InterNet\Pictures\bProtectorForWindows d------ [14:47 09/10/2012]
C:\Users\EMail und InterNet\Pictures\Diashow Stefan\bProtectorForWindows d------ [15:12 22/09/2012]
C:\Users\EMail und InterNet\Videos\bProtectorForWindows d------ [14:49 10/10/2012]
C:\Users\Public\Pictures\Sample Pictures\bProtectorForWindows d------ [20:12 20/12/2012]
C:\Users\Stefan\AppData\Local\VirtualStore\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\bProtectorForWindows d------ [18:03 19/07/2012]
C:\Users\Stefan\Downloads\bProtectorForWindows d------ [13:11 04/09/2012]
C:\Windows\Microsoft.NET\Framework\v4.0.30319\bProtectorForWindows d------ [16:59 16/11/2012]
========== regfind ==========
Searching for "bProtector"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"="{404962F6-6290-47B0-9B38-12EDABF8D24E}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{231D934E-8C9B-481E-AA46-9342C6B0E23E}]
"Path"="\bProtector"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bProtector]
[HKEY_USERS\.DEFAULT\Software\bProtector]
[HKEY_USERS\S-1-5-21-3386111443-1739343494-374529350-1000\Software\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"="{404962F6-6290-47B0-9B38-12EDABF8D24E}"
[HKEY_USERS\S-1-5-21-3386111443-1739343494-374529350-1002\Software\530dbdeb56eea42]
"SERVICE_NAME"="bProtector"
[HKEY_USERS\S-1-5-21-3386111443-1739343494-374529350-1002\Software\530dbdeb56eea42]
"INSTALL_FOLDER_NAME"="bProtectorForWindows"
[HKEY_USERS\S-1-5-21-3386111443-1739343494-374529350-1002\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"="n*b~�µ¸QÆ€'h·8+þ�°N±hvªddKyÛ�0LˆIK�껀*Üîw¯ÓüÍoÂOð�J�nøÛ¸Iï*NÞ�tÅ�s‘¿E|l?Û�mõZîìèˆ×—:Ïm–z8x5ÕÈs¨ài"Å0ížÃ,î*„}:<Ê—¨ôT}»€Z‘exˆÒ*Ä6ƒW÷�XŸ�»kÕ9ΞÂõ¨&ç0��*��÷l›x�äP™xzêÝzÍÝy�*�•’ØØ7ÝÒÎ*!:]/S¶Ç·$œN/‚Y��.ÂKâש6á�c¢:ð�ð_°O�ë�gø"�EÚÐõØ%˜×)â³Xê¯ò�¤Ò�¼˜�ŽžOÇѶÍ>¥ûdAäŒNÈ!Ü_T�úàAŽ·>qJL�r�+j¬¯‡îrDÚß�$q®g‚v9Ê&QŸË¦JpQ°-»N<��û�|/½…aÏBÈбöü��ƒ¤,¨ç2�¹YûC¨Q’¦¢ù
—¿R\xƒ,f�«ºÜ!§�ØËÀ¶v�1N2ˆ°ð¼FŽ~Øm–ØAóÏ�X�Êèj&ÌE)^A)(;<ˆ�ž¼È¿'/‹ÝAt B�
“/"9ÙkÒÌA‰¸ÿã&dUÅ‚î�*(v�?
£¨š�²È�Í)�κç$‹,£
©²næÒŽ>"
[HKEY_USERS\S-1-5-18\Software\bProtector]
Searching for " "
[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\ScanGear\12.1\Devices\MP600]
"ProductId"="MP600 "
[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\WIA\1.2\Devices\MP600]
"ProductId"="MP600 "
[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\WIA\Devices\MG6100 series]
"ProductId"="MG6100 "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{813DD25A-94A1-4879-945F-55E5800FAD78}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{18CD34B7-7AA3-42b9-A303-5A729B2FF228}">
<Descriptor descriptorID="{9BE7B916-F237-4328-8157-24282DA66151}"/>
</Rating>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{D5CA9378-7AEB-4B38-8FDD-11825DA6AFD2}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{EC290BBB-D618-4cb9-9963-1CAAE515443E}" ratingID="{5098B1DF-486F-4e79-A6D6-6E0879A63811}">
</Rating>
<Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}">
</Rating>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
</Rating>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{97D9239C-2BA3-4e1d-A710-B626DC4602A6}">
</Rating>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Resource> </Res
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}\0003]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_CCR-60&REV_9412#09022831000A&0#]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"Maxtor 4D060H3 DAK05GK0"="MaxMode = UDMA-5"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"HDS724040KLSA80 KFAOA32A"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"HDS722525VLSA80 V36OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"HDS722516VLSA80 V34OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"Maxtor 7B250S0 BANC1B70"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"HTS541060G9SA00 MB3OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"HTS541080G9SA00 MB4OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Si3531\ProblemDevices]
"HTS541010G9SA00 MBZOC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}\0003]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#6&CFB0E7E&0&081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_CCR-60&REV_9412#09022831000A&0#]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"Maxtor 4D060H3 DAK05GK0"="MaxMode = UDMA-5"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"HDS724040KLSA80 KFAOA32A"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"HDS722525VLSA80 V36OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"HDS722516VLSA80 V34OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"Maxtor 7B250S0 BANC1B70"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"HTS541060G9SA00 MB3OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"HTS541080G9SA00 MB4OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Si3531\ProblemDevices]
"HTS541010G9SA00 MBZOC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}\0003]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#6&CFB0E7E&0&081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_CCR-60&REV_9412#09022831000A&0#]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"Maxtor 4D060H3 DAK05GK0"="MaxMode = UDMA-5"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"HDS724040KLSA80 KFAOA32A"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"HDS722525VLSA80 V36OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"HDS722516VLSA80 V34OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"Maxtor 7B250S0 BANC1B70"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"HTS541060G9SA00 MB3OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"HTS541080G9SA00 MB4OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Si3531\ProblemDevices]
"HTS541010G9SA00 MBZOC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}\0003]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#6&CFB0E7E&0&081212509AF1A9&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_CCR-60&REV_9412#09022831000A&0#]
"FriendlyName"="CCR-60 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"Maxtor 4D060H3 DAK05GK0"="MaxMode = UDMA-5"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"HDS724040KLSA80 KFAOA32A"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"HDS722525VLSA80 V36OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"HDS722516VLSA80 V34OA6MA"="DisableAtaQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"Maxtor 7B250S0 BANC1B70"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"HTS541060G9SA00 MB3OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"HTS541080G9SA00 MB4OC60D"="DisableSataQueueing"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Si3531\ProblemDevices]
"HTS541010G9SA00 MBZOC60D"="DisableSataQueueing"
-= EOF =-
OTL-Scan: Code:
OTL logfile created on: 03.04.2013 21:13:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stefan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 0,62 Gb Available Physical Memory | 31,10% Memory free
4,21 Gb Paging File | 2,16 Gb Available in Paging File | 51,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 122,59 Gb Total Space | 67,94 Gb Free Space | 55,42% Space Free | Partition Type: NTFS
Drive D: | 26,45 Gb Total Space | 17,17 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
Computer Name: STEFAN-PC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.03 21:11:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Desktop\OTL.exe
PRC - [2013.02.19 15:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2013.02.19 15:08:52 | 000,169,320 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2013.02.19 15:06:50 | 000,203,840 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2013.02.07 14:31:22 | 001,223,704 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2013.02.07 14:31:20 | 000,660,504 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2013.02.07 14:31:18 | 000,575,000 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe
PRC - [2013.01.14 19:00:22 | 001,278,064 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.16 13:25:20 | 000,545,552 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieCtrl.exe
PRC - [2012.12.16 13:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2012.12.14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 17:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.10 22:08:30 | 000,513,888 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MAT\McPvTray.exe
PRC - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2012.04.12 17:12:56 | 004,212,344 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe
PRC - [2011.11.08 21:51:22 | 000,796,080 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe
PRC - [2011.11.08 21:51:22 | 000,111,960 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
PRC - [2011.11.08 21:51:20 | 001,226,152 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
PRC - [2010.04.13 20:11:16 | 003,045,176 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Online Backup\MOBKstat.exe
PRC - [2010.04.13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Online Backup\MOBKbackup.exe
PRC - [2010.04.08 17:59:26 | 000,286,720 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\DTLite.exe
PRC - [2009.07.20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe
PRC - [2009.06.24 21:10:00 | 002,559,888 | ---- | M] (Salfeld Computer) -- C:\Windows\System32\ccsync.exe
PRC - [2009.06.24 21:10:00 | 002,243,472 | ---- | M] (Salfeld Computer) -- C:\Windows\System32\cchservice.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008.06.23 18:34:02 | 000,361,072 | ---- | M] (Auslogics) -- C:\Programme\Auslogics\AusLogics BoostSpeed\BoostSpeed.exe
PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.10.22 13:34:20 | 000,421,888 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Common Files\Marmiko Shared\MInfraIS\MInfraIS.exe
PRC - [2007.01.09 14:39:58 | 000,368,640 | ---- | M] (fun communications GmbH, hxxp://www.fun.de) -- C:\Programme\T-Online\T-Online_Software_6\Notifier\Notifier.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.12 14:51:21 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2007.05.29 00:13:42 | 000,145,920 | ---- | M] () -- C:\Programme\Auslogics\AusLogics BoostSpeed\madBasic_.bpl
MOD - [2007.05.29 00:13:42 | 000,041,984 | ---- | M] () -- C:\Programme\Auslogics\AusLogics BoostSpeed\madDisAsm_.bpl
MOD - [2007.05.29 00:13:40 | 000,316,928 | ---- | M] () -- C:\Programme\Auslogics\AusLogics BoostSpeed\madExcept_.bpl
MOD - [2005.07.20 13:34:08 | 000,700,497 | ---- | M] () -- C:\Programme\T-Online\T-Online_Software_6\Notifier\libcurl.dll
MOD - [2004.04.16 16:45:52 | 000,143,360 | ---- | M] () -- C:\Programme\T-Online\T-Online_Software_6\Notifier\libexpat.dll
========== Services (SafeList) ==========
SRV - [2013.03.07 16:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.19 15:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013.02.19 15:08:52 | 000,169,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013.02.19 15:06:50 | 000,203,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2013.02.07 14:31:22 | 001,223,704 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013.02.07 14:31:20 | 000,660,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.16 13:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012.12.14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.16 22:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.08.25 09:56:38 | 000,765,592 | ---- | M] (Salfeld Computer) [Auto | Stopped] -- C:\Windows\System32\ksupmgr.exe -- (ksupmgr)
SRV - [2010.04.13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009.07.20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.02.06 18:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva401.sys -- (XDva401)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva400.sys -- (XDva400)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva399.sys -- (XDva399)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva383.sys -- (XDva383)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva380.sys -- (XDva380)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva375.sys -- (XDva375)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Stefan\AppData\Local\Temp\cdiskdun.sys -- (cdiskdun)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Stefan\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (altnd8vv)
DRV - [2013.02.19 15:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013.02.19 15:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2013.02.19 15:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2013.02.19 15:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013.02.19 15:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013.02.19 15:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013.02.19 15:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013.02.19 15:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2013.02.07 14:15:22 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2012.12.16 13:25:16 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012.12.14 17:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.09.14 17:26:32 | 000,064,832 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
DRV - [2012.04.20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2012.04.20 14:37:41 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.04.12 17:28:22 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.04.12 17:28:21 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.08.27 14:23:08 | 000,019,200 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.30 19:09:32 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.05.30 19:08:31 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.05.30 19:08:31 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.04.13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.03.04 19:49:21 | 004,232,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2009.02.05 18:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2009.02.05 18:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2009.02.05 18:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2009.01.19 20:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2004.05.17 12:21:54 | 000,017,280 | ---- | M] (Intellon, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\plcndis5.sys -- (PLCNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 53 8D A2 7B 42 CD 01 [binary data]
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\SearchScopes,bProtectorDefaultScope = {404962F6-6290-47B0-9B38-12EDABF8D24E}
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\SearchScopes\{1E3CF04C-0EFA-4506-BE81-6DC4D939B9E4}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\SearchScopes\{404962F6-6290-47B0-9B38-12EDABF8D24E}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcmcafee&p={SearchTerms}
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = n*b~�µ¸QÆ€'h·8+þ�°N±hvªddKyÛ�0LˆIK�껀*Üîw¯ÓüÍoÂOð�J�nøÛ¸Iï*NÞ�tÅ�s‘¿E|l?Û�mõZîìèˆ×—:Ïm–z8x5ÕÈs¨ài"Å0ížÃ,î*„}:<Ê—¨ôT}»€Z‘exˆÒ*Ä6ƒW÷�XŸ�»kÕ9ΞÂõ¨&ç0��*��÷l›x�äP™xzêÝzÍÝy�*�•’ØØ7ÝÒÎ*!:]/S¶Ç·$œN/‚Y��.ÂKâש6á�c¢:ð�ð_°O�ë�gø"�EÚÐõØ%˜×)â³Xê¯ò�¤Ò�¼˜�ŽžOÇѶÍ>¥ûdAäŒNÈ!Ü_T�úàAŽ·>qJL�r�+j¬¯‡îrDÚß�$q®g‚v9Ê&QŸË¦JpQ°-»N<��û�|/½…aÏBÈбöü��ƒ¤,¨ç2�¹YûC¨Q’¦¢ù
—¿R\xƒ,f�«ºÜ!§�ØËÀ¶v�1N2ˆ°ð¼FŽ~Øm–ØAóÏ�X�Êèj&ÌE)^A)(;<ˆ�ž¼È¿'/‹ÝAt B�
“/"9ÙkÒÌA‰¸ÿã&dUÅ‚î�*(v�?
£¨š�²È�Í)�κç$‹,£
©²næÒŽ>
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B 72 7B C5 50 4E CD 01 [binary data]
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\SearchScopes\{5924EA94-E19B-4EFF-811F-3C21B3E7B5EE}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_deDE438
IE - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.01.15 17:49:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013.04.03 19:09:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.31 16:43:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.03.24 21:28:38 | 000,000,000 | ---D | M]
[2013.03.31 16:43:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Extensions
[2013.03.31 16:43:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.03.07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
CHR - default_search_provider: McAfee (Enabled)
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?fr=mcafee&p={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Daten von Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.123.1_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - Extension: SiteAdvisor = C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
O1 HOSTS File: ([2013.03.25 20:07:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\Mcafee\SystemCore\ScriptSn.20120627135043.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ChicoSys] C:\Windows\System32\cc32\webtmr.exe (Salfeld Computer)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\.DEFAULT..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-18..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000..\Run: [Auslogics BoostSpeed 4] C:\Programme\Auslogics\AusLogics BoostSpeed\BoostSpeed.exe (Auslogics)
O4 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\EMail und InterNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 1
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 1
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{140C4E26-878B-4F2B-AB13-B1A5B4A59635}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8B1D7E6-209D-4841-8E3D-32BCC0D76347}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\PROGRA~2\BPROTE~1\261125~1.80\{EAB34~1\protector.dll) - c:\ProgramData\bProtectorForWindows\2.6.1125.80\{eab34bca-99d8-4192-8f3b-58b53f6d08e7}\protector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3386111443-1739343494-374529350-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.03 21:11:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stefan\Desktop\OTL.exe
[2013.04.03 18:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2013.04.03 18:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2013.04.03 17:48:45 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Secunia PSI
[2013.04.03 17:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013.03.31 16:43:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Mozilla
[2013.03.31 16:43:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Mozilla
[2013.03.31 16:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.03.31 16:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.03.31 16:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.30 12:56:41 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\System-Sicherheit
[2013.03.29 14:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.03.29 13:42:49 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.03.25 22:39:46 | 004,546,560 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2013.03.25 20:11:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.25 20:11:04 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\temp
[2013.03.24 19:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.03.24 19:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.03.21 20:19:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.21 14:21:02 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\McAfee Anti-Theft
[2013.03.21 14:14:14 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.17 17:43:50 | 000,103,680 | ---- | C] (GMER) -- C:\ugdiqpob.sys
[2013.03.16 10:27:09 | 000,064,832 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\McPvDrv.sys
[2013.03.16 10:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.03.15 19:57:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.15 19:57:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.15 19:57:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.15 19:57:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.15 19:57:42 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.15 19:57:40 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.15 19:57:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.15 19:57:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.05 19:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo
[2013.03.05 19:33:10 | 000,000,000 | ---D | C] -- C:\Program Files\devolo
[2011.12.12 15:13:32 | 009,734,240 | ---- | C] (McAfee, Inc.) -- C:\ProgramData\TempMOBK-update-6f587c3c1a49f2fdf5254a3e5ed05791.exe
[2011.11.03 18:33:23 | 005,006,472 | ---- | C] (Electronic Arts ) -- C:\Users\Stefan\setup_659.exe
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.03 21:19:15 | 004,823,142 | ---- | M] () -- C:\Windows\System32\ccsync.err
[2013.04.03 21:19:00 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7E0FFB30-A1EA-45D9-AE1C-BE220B81E5B8}.job
[2013.04.03 21:19:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4ACB5E34-87B0-41B7-A8D4-2B06E96F0430}.job
[2013.04.03 21:11:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Desktop\OTL.exe
[2013.04.03 21:05:12 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.03 21:05:12 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.03 20:46:16 | 000,139,264 | ---- | M] () -- C:\Users\Stefan\Desktop\SystemLook.exe
[2013.04.03 20:37:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.03 20:28:33 | 000,003,290 | ---- | M] () -- C:\Windows\MOBK.blk
[2013.04.03 20:28:33 | 000,000,424 | ---- | M] () -- C:\Windows\MOBK.flt
[2013.04.03 20:27:23 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.03 19:12:54 | 000,628,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.03 19:12:54 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.03 19:12:54 | 000,126,510 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.03 19:12:54 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.03 19:05:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.03 18:49:02 | 000,001,482 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.04.03 17:00:56 | 000,000,903 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013.03.31 16:43:22 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.30 18:36:49 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013.03.25 22:39:46 | 004,546,560 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2013.03.25 20:07:45 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.03.21 13:26:56 | 000,000,192 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.03.21 13:14:45 | 000,035,189 | ---- | M] () -- C:\Windows\System32\cchservice.err
[2013.03.17 17:43:50 | 000,103,680 | ---- | M] (GMER) -- C:\ugdiqpob.sys
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.03 20:46:13 | 000,139,264 | ---- | C] () -- C:\Users\Stefan\Desktop\SystemLook.exe
[2013.04.03 18:38:51 | 000,001,482 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.04.03 17:00:56 | 000,000,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013.04.03 17:00:56 | 000,000,866 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013.03.31 16:43:22 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.31 16:43:22 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.30 18:36:49 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013.03.21 13:20:34 | 000,000,192 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2012.11.09 19:54:29 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012.09.21 21:36:16 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.04.12 17:28:22 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012.04.12 17:28:21 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012.02.12 16:45:17 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.02.12 16:44:43 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.02.12 16:44:39 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.12.25 14:06:44 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.12.25 14:06:44 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.12.15 18:23:51 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.06.17 11:16:37 | 000,000,307 | ---- | C] () -- C:\Windows\game.ini
[2011.05.02 22:43:32 | 000,000,647 | ---- | C] () -- C:\Windows\et.ini
[2011.05.02 22:19:03 | 000,001,233 | ---- | C] () -- C:\Windows\System32\excltmp~.dat
[2011.05.02 22:18:43 | 000,155,536 | ---- | C] () -- C:\Windows\System32\dllcinx.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.09 16:25:09 | 000,000,552 | ---- | C] () -- C:\Users\Stefan\AppData\Local\d3d8caps.dat
[2010.12.08 21:43:23 | 000,091,022 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\mdbu.bin
[2009.06.29 08:44:04 | 000,000,680 | RHS- | C] () -- C:\Users\Stefan\ntuser.pol
[2009.06.21 17:38:51 | 000,004,608 | ---- | C] () -- C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.20 19:52:04 | 000,001,356 | ---- | C] () -- C:\Users\Stefan\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL-Extra-Scan: Code:
OTL Extras logfile created on: 03.04.2013 21:13:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stefan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 0,62 Gb Available Physical Memory | 31,10% Memory free
4,21 Gb Paging File | 2,16 Gb Available in Paging File | 51,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 122,59 Gb Total Space | 67,94 Gb Free Space | 55,42% Space Free | Partition Type: NTFS
Drive D: | 26,45 Gb Total Space | 17,17 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
Computer Name: STEFAN-PC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3386111443-1739343494-374529350-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-3386111443-1739343494-374529350-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0145C7E1-8983-4D68-9D04-C9062CDAAB4F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{01C53FAC-0827-43B6-8D2A-7D2E18716952}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1C704A87-702D-4A5C-915F-517D989842F1}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{483681D5-0A82-4695-A8A7-5C5F3A19F272}" = rport=10243 | protocol=6 | dir=out | app=system |
"{76AFB169-44A5-46A9-9456-644D8747417B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A5335C5-56D7-41EF-950A-EAA303ED85D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{899024B7-EFB0-417A-86D5-3EADEA536BE7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C6A853A-F33A-460A-B679-92F3A53D006A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{91990706-62C2-46D3-A06B-21E5D7E55DE1}" = lport=49165 | protocol=6 | dir=in | name=akamai netsession interface |
"{9CA08100-EA2E-4011-9CB9-12931D00F8D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B510CE45-62C4-43D9-ACC1-D15857D07B36}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080E517A-FDF6-4754-965D-39DDE8B42209}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0B87D39A-4BA8-4678-A6A9-FB1D83B039C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DAB411E-803B-4A4C-A34B-8768AC200FBC}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{126ED8EF-C4BB-4E6B-8498-5F65ADE44AB2}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{1A786A39-E707-40F3-A01B-96FE9E82C091}" = protocol=17 | dir=in | app=c:\users\daten von johannes\appdata\local\akamai\netsession_win.exe |
"{1D884647-A403-4CC5-97A5-7229CD6DDB16}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{30480CB7-87E1-4A80-A2CA-0F3E81BCC4DF}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{308F4466-62C0-4D13-81DB-2D4207D61EDF}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassinscreed_dx9.exe |
"{35D6331D-214C-4BAD-A28B-E33EAA88E1AD}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3674F87F-8A41-47E2-BA8D-725E49335D5C}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{40AF031D-908F-4A10-AA7E-C2C99943F094}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassinscreed_dx10.exe |
"{41540FA7-EF4D-4922-886D-CC33F851326C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43439346-3D78-45E0-90E4-BDAD7DAEDBFB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{47929918-5760-4DE5-9FA8-877FDBFA0634}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{48229996-3446-4FAE-9A81-FC0E07149DCC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4BD947BD-F98B-4247-84D0-202BB828FEE5}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{51453716-F487-4D49-91CF-59F578019062}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{516D7DE4-60E8-403D-9198-9C16EC7DFC41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5B2A5C6E-7D24-40E4-8A49-2281268C5D15}" = protocol=6 | dir=in | app=c:\users\daten von johannes\appdata\local\akamai\netsession_win.exe |
"{5B774F1A-EA78-4C38-9A9F-7CAD58C74B5C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassinscreed_dx9.exe |
"{6288564D-0BFF-4DA6-9E43-587AA834CD11}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{6F23D108-7100-4329-94F8-874A378184F3}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{6F259344-EF0A-47E1-B54C-D05982718841}" = protocol=6 | dir=out | app=system |
"{702C373A-AB5F-4B1E-BFA2-646B0AC067BA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{970EACCC-ADBE-45C1-908C-EF1D89CB1CB7}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{A09FB11C-F40D-4ADF-B579-DF68AF20005A}" = dir=in | app=c:\program files\iminent\iminent.exe |
"{A6BCDB2B-C71D-4E3F-9719-570CCFB0B6BF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{AEC6B6EE-D338-4C12-A8F5-4F8A72F79943}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{AFF64449-2AF8-48F0-A3E9-E5D42C199D17}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B6D4CF7E-426D-460F-91E3-D7E210724063}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C4E92764-9CBC-4BD1-BB4A-CA9C759AACE1}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassinscreed_launcher.exe |
"{CC21D245-799E-4AA7-9B33-790764D061C6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D176E26B-6756-4FE9-A41B-2D41584D548C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4450CBB-AE96-4CEB-8D56-E06BA184F9AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DEFE8609-CD0D-4B44-A0E1-D30C3ECC55CF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassinscreed_dx10.exe |
"{E5AD4699-61CA-4BB8-84E9-5A3C34B718E5}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe |
"{F1844879-9522-4601-80C4-98773E9D1C8F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassinscreed_launcher.exe |
"{F8882568-8598-4C12-B368-4E937ABFE551}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA1B4501-AF75-4702-9BB3-7EFDFD150830}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FDED7EDB-ED02-41FD-8C82-012399764F05}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"TCP Query User{138386ED-FBE9-4043-8F4A-9D45A5BFF71D}G:\aoe\aoe ii\empires2.exe" = protocol=6 | dir=in | app=g:\aoe\aoe ii\empires2.exe |
"TCP Query User{7477FBC8-6222-41AD-AA89-B929C2187753}G:\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=g:\tmnationsforever\tmforever.exe |
"TCP Query User{7B9D994D-7226-4608-846A-265036CE8A19}C:\program files\t-online\t-online_software_6\notifier\notifier.exe" = protocol=6 | dir=in | app=c:\program files\t-online\t-online_software_6\notifier\notifier.exe |
"UDP Query User{0F6FC8D0-75CE-4742-A2BF-D11ECA40256B}G:\aoe\aoe ii\empires2.exe" = protocol=17 | dir=in | app=g:\aoe\aoe ii\empires2.exe |
"UDP Query User{5F1FDEBE-49C9-43E1-9A79-F60C68DED1F2}C:\program files\t-online\t-online_software_6\notifier\notifier.exe" = protocol=17 | dir=in | app=c:\program files\t-online\t-online_software_6\notifier\notifier.exe |
"UDP Query User{798E6F84-410F-41CA-B63C-D472DD39DF3F}G:\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=g:\tmnationsforever\tmforever.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series" = Canon MG6100 series MP Drivers
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{11AE6807-50D2-4F59-82B3-2C3E695E94C2}" = NVIDIA PhysX v8.05.26
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{54B1E5A3-1B29-4582-A226-172A1FC7BA6C}" = Windows Live Family Safety
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{636A7142-586A-4DF7-9207-191A2AF5610C}_is1" = AusLogics BoostSpeed
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D18E9DB2-AC98-4399-8878-C1059403144D}" = Iminent
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Aldi Süd Foto Service" = Aldi Süd Foto Service 4.6
"ALDI Sued Fotoservice_is1" = Aldi Sued Fotoservice 2.7
"ALDI Süd Online Druck Service" = ALDI Süd Online Druck Service 4.6
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MG6100 series Benutzerregistrierung" = Canon MG6100 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Easy-PhotoPrint Pro
"easyshare" = devolo EasyShare
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"Kindersicherung_is1" = Kindersicherung 2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSC" = McAfee Total Protection
"Picasa 3" = Picasa 3
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Sandboxie" = Sandboxie 3.76 (32-bit)
"Secunia PSI" = Secunia PSI (3.0.0.6005)
"Update Service" = Update Service
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.03.2013 06:35:11 | Computer Name = Stefan-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2664 (0xa68) Thread address : 0x77115CD4 Thread message : Build VSCORE.15.1.0.520
/ 5500.1093 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee\MSC\mcsvrcnt.exe
by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 4(0)(0) 4(0)(0)
7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 31.03.2013 09:08:32 | Computer Name = Stefan-PC | Source = VSS | ID = 8194
Description =
Error - 31.03.2013 09:09:32 | Computer Name = Stefan-PC | Source = VSS | ID = 8194
Description =
Error - 31.03.2013 09:35:10 | Computer Name = Stefan-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 31.03.2013 10:24:26 | Computer Name = Stefan-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 01.04.2013 14:15:35 | Computer Name = Stefan-PC | Source = VSS | ID = 8194
Description =
Error - 01.04.2013 14:20:22 | Computer Name = Stefan-PC | Source = VSS | ID = 8194
Description =
Error - 03.04.2013 14:28:00 | Computer Name = Stefan-PC | Source = VSS | ID = 8194
Description =
Error - 03.04.2013 14:29:57 | Computer Name = Stefan-PC | Source = VSS | ID = 8194
Description =
Error - 03.04.2013 15:25:27 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe_WinDefend, Version 6.0.6001.18000,
Zeitstempel 0x47918b89, fehlerhaftes Modul mpengine.dll, Version 1.1.9302.0, Zeitstempel
0x5142c9ca, Ausnahmecode 0xc0000006, Fehleroffset 0x001f1638, Prozess-ID 0x460,
Anwendungsstartzeit 01ce308d66b5e570.
Error - 03.04.2013 15:25:27 | Computer Name = Stefan-PC | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen
werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit
der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern;
oder der Datenträger fehlt. Das Programm Hostprozess für Windows-Dienste wurde
wegen dieses Fehlers geschlossen. Programm: Hostprozess für Windows-Dienste Datei:
Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion
1.
Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem,
das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn
Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk
befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem
besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese
sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet,
überprüfen Sie, ob der Datenträger richtig in der Computer eingelegt ist. 3. Überprüfen
und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu
im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben
Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4.
Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin
besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet
werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware,
um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche
Daten Fehlerwert: C0000185 Datenträgertyp: 0
[ OSession Events ]
Error - 22.07.2011 08:18:55 | Computer Name = Stefan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 03.04.2013 14:50:38 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 14:50:38 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 14:53:29 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 14:53:29 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 14:53:29 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 15:23:56 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 15:23:56 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 15:23:56 | Computer Name = Stefan-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 03.04.2013 15:25:26 | Computer Name = Stefan-PC | Source = WinDefend | ID = 5008
Description = Das %%827-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp:
%%830 Ausnahmecode: 0xc0000006 Ressource: process:pid:6044
Error - 03.04.2013 15:25:39 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7031
Description =
< End of report >
Die Endmeldung gefällt mir gar nicht ...
Grüße
SMC36 |
Hinweise zum Ablauf