OTL Log Code:
OTL logfile created on: 07.01.2012 13:12:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Medion\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,40% Memory free
6,19 Gb Paging File | 4,97 Gb Available in Paging File | 80,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,32 Gb Total Space | 138,10 Gb Free Space | 49,62% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 6,87 Gb Free Space | 34,78% Space Free | Partition Type: FAT32
Computer Name: MEDION-PC | User Name: Medion | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.07 12:20:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Medion\Desktop\OTL.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.08.15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.01.07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.03.03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.04 15:45:56 | 000,304,688 | ---- | M] (EgisTec Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2008.08.04 15:45:54 | 000,334,384 | ---- | M] (EgisTec Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\mwlNotifyIcon.exe
PRC - [2008.08.04 15:45:52 | 000,326,192 | ---- | M] (EgisTec Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2008.02.28 17:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.08 21:46:02 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (IAANTMON) Intel(R)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.01.07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2008.08.04 15:45:56 | 000,304,688 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2008.02.28 17:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - [2011.12.30 06:14:56 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.08 21:54:46 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.01.08 04:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.11.12 00:10:52 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.28 13:27:57 | 000,066,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\FPWinIo.sys -- (FPWinIo)
DRV - [2008.08.28 13:27:45 | 000,026,920 | ---- | M] (LTT) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor) LTT-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV - [2008.08.06 15:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.08.04 15:46:06 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008.08.04 15:46:04 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008.08.04 15:46:04 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008.07.10 10:12:56 | 001,753,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.04.28 05:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2007.07.31 10:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006.11.30 14:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.17 09:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "google.de"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.10 19:15:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.01.03 17:07:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2011.10.21 19:44:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Medion\AppData\Roaming\mozilla\Extensions
[2011.12.20 22:22:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Medion\AppData\Roaming\mozilla\Firefox\Profiles\gx6q39fm.default\extensions
[2011.12.20 22:22:22 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Medion\AppData\Roaming\mozilla\Firefox\Profiles\gx6q39fm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.15 19:23:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.15 19:23:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.11.05 08:10:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.05 04:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.05 04:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.05 04:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.05 04:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.05 04:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe File not found
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe ()
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Medion\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe File not found
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{228BBEBE-E967-411B-B950-8E7B8C6843A4}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{770313F6-C778-4A84-8FB1-F697B1721686}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{2d0108d6-32a0-11e1-9eed-001f160b7c43}\Shell - "" = AutoRun
O33 - MountPoints2\{2d0108d6-32a0-11e1-9eed-001f160b7c43}\Shell\AutoRun\command - "" = E:\DDFSetup.exe
O33 - MountPoints2\{5821826c-eda0-11e0-b7fd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5821826c-eda0-11e0-b7fd-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.01.07 12:20:04 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Medion\Desktop\OTL.exe
[2012.01.05 16:00:51 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Malwarebytes
[2012.01.05 16:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.05 16:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.05 16:00:36 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.05 16:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.05 15:44:49 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Medion\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.05 15:21:59 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\steve
[2012.01.04 20:48:02 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\img
[2012.01.04 18:07:16 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
[2012.01.04 13:33:25 | 000,000,000 | ---D | C] -- C:\xampp
[2012.01.03 17:07:37 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Thunderbird
[2012.01.03 17:07:37 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Thunderbird
[2012.01.03 17:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012.01.03 14:06:22 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\htdocs
[2012.01.03 14:05:36 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\data
[2012.01.01 20:53:59 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\jMint-ET
[2012.01.01 19:39:27 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\J1.7
[2011.12.31 06:17:19 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.12.31 06:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011.12.31 06:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die drei Fragezeichen und das Gold der Inkas
[2011.12.31 06:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Die drei Fragezeichen und das Gold der Inkas
[2011.12.30 06:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.12.30 06:14:56 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.12.30 06:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011.12.30 06:13:02 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\DAEMON Tools Lite
[2011.12.30 06:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.12.28 14:25:08 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\FileZilla
[2011.12.28 14:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011.12.28 14:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011.12.24 03:53:17 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\CyberLink
[2011.12.24 03:53:13 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\CyberLink
[2011.12.22 18:02:32 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.12.22 18:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.12.22 18:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.12.21 19:45:09 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\FreePDF_XP
[2011.12.21 19:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
[2011.12.21 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\FreePDF_XP
[2011.12.21 19:44:34 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\FreePDF
[2011.12.21 19:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2011.12.21 19:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2011.12.20 22:22:26 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\DVDVideoSoft
[2011.12.20 22:22:20 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.20 22:22:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.12.20 22:22:02 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\DVDVideoSoft
[2011.12.20 22:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.12.20 22:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011.12.20 17:09:09 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\GFDOutDir
[2011.12.20 17:04:39 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUI for dvdauthor
[2011.12.20 17:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GUI for dvdauthor
[2011.12.20 17:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\GUI for dvdauthor
[2011.12.20 16:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-lab PRO 2
[2011.12.20 16:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\DVDlabPro2
[2011.12.20 15:39:03 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\NeroVision
[2011.12.20 15:20:13 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\My Downloads
[2011.12.20 15:05:23 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\AVS4YOU
[2011.12.20 15:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011.12.20 15:04:57 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011.12.20 15:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011.12.20 15:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011.12.20 15:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011.12.20 15:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVSDVDAuthoring
[2011.12.20 14:55:54 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\gtk-2.0
[2011.12.20 14:55:05 | 000,000,000 | ---D | C] -- C:\Users\Medion\.thumbnails
[2011.12.20 14:50:55 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\gegl-0.0
[2011.12.20 14:50:55 | 000,000,000 | ---D | C] -- C:\Users\Medion\.gimp-2.6
[2011.12.20 14:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011.12.20 14:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2011.12.20 00:31:25 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\c
[2011.12.19 19:48:40 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Canneverbe Limited
[2011.12.19 19:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2011.12.19 19:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011.12.19 19:24:07 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\Nero
[2011.12.19 19:21:07 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Ahead
[2011.12.19 19:20:52 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Nero
[2011.12.19 02:06:31 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\TempDIR
[2011.12.19 02:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDStyler
[2011.12.19 02:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\DVDStyler
[2011.12.18 19:40:01 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\Eine himmlische Familie
[2011.12.12 13:44:20 | 000,094,208 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011.12.12 13:44:20 | 000,016,384 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011.12.12 13:44:20 | 000,012,288 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011.12.12 13:44:17 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2011.12.12 13:43:52 | 000,126,976 | ---- | C] (Brother Industries,LTD) -- C:\Windows\System32\BrfxD05a.dll
[2011.12.11 14:15:36 | 000,057,856 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\brinsstr.dll
[2011.12.11 14:15:17 | 000,163,840 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011.12.11 14:15:17 | 000,034,816 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\BrWiaNCp.dll
[2011.12.11 14:15:16 | 000,061,952 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrNetSti.dll
[2011.12.11 14:15:16 | 000,037,376 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\System32\Brnsplg.dll
[2011.12.11 14:15:16 | 000,018,944 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\BrnStiCp.cpl
[2011.12.11 14:15:12 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrSti07a.dll
[2011.12.11 14:15:09 | 000,131,072 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\brunin03.dll
[2011.12.11 14:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011.12.11 14:13:21 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\mflpro
[2011.12.10 03:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.12.09 00:23:09 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\Dragonball Z PS2 Game
[2011.12.08 15:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011.12.08 14:49:52 | 000,000,000 | ---D | C] -- C:\Users\Medion\Documents\PCSX2
[2008.08.28 10:58:13 | 000,180,224 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008.08.28 10:58:13 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007.03.12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005.11.23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.01.07 13:15:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2012.01.07 12:33:28 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\kdhow.sys
[2012.01.07 12:20:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Medion\Desktop\OTL.exe
[2012.01.07 12:15:23 | 000,628,730 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.07 12:15:23 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.07 12:15:23 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.07 12:15:23 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.07 12:09:21 | 000,000,680 | ---- | M] () -- C:\Users\Medion\AppData\Local\d3d9caps.dat
[2012.01.07 12:08:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.07 12:08:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.07 12:08:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.07 12:08:18 | 3215,855,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.07 09:48:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.01.05 16:00:40 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.05 15:47:33 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Medion\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.05 00:42:59 | 000,000,273 | ---- | M] () -- C:\Users\Medion\Desktop\lieder.rtf
[2012.01.04 21:46:40 | 000,000,032 | ---- | M] () -- C:\Users\Medion\Desktop\pfad.php
[2012.01.04 21:25:34 | 000,001,570 | ---- | M] () -- C:\Users\Medion\Desktop\index.html
[2012.01.04 21:24:17 | 000,014,597 | ---- | M] () -- C:\Users\Medion\.recently-used.xbel
[2012.01.04 21:10:06 | 000,013,936 | ---- | M] () -- C:\Users\Medion\Desktop\Agupo.png
[2012.01.04 18:07:16 | 000,000,562 | ---- | M] () -- C:\Users\Medion\Desktop\XAMPP Control Panel.lnk
[2012.01.03 21:32:58 | 000,179,128 | ---- | M] () -- C:\Users\Medion\Desktop\minimizetotray_revived-1.0-fx+tb+sm-windows.xpi
[2012.01.03 17:07:35 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.01.02 12:52:09 | 000,407,390 | ---- | M] () -- C:\Users\Medion\Desktop\Bildschirmfoto 2012-01-02 um 12.51.03.png
[2012.01.01 17:03:25 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.12.30 16:48:32 | 000,074,196 | ---- | M] () -- C:\Users\Medion\Desktop\Überweisungsbeleg K. Gresel.pdf
[2011.12.30 06:14:56 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.12.28 16:02:14 | 003,431,534 | ---- | M] () -- C:\Users\Medion\Desktop\testdisk-6.14-WIP.win.zip
[2011.12.28 14:29:52 | 000,003,711 | ---- | M] () -- C:\Users\Medion\Desktop\Hyrule TwinkBOT.rtf
[2011.12.27 22:49:41 | 005,286,289 | ---- | M] () -- C:\Users\Medion\Desktop\php-kurs-ebook-ohne-sicherheitskapitel.pdf
[2011.12.21 22:52:44 | 000,013,312 | ---- | M] () -- C:\Users\Medion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.21 19:45:12 | 000,064,939 | ---- | M] () -- C:\Users\Medion\Desktop\Überweisungsbeleg Salzgrotte Dortmund.pdf
[2011.12.21 18:25:16 | 000,324,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.12 13:49:02 | 000,000,212 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2011.12.12 13:49:02 | 000,000,093 | ---- | M] () -- C:\Windows\brpcfx.ini
[2011.12.12 13:49:02 | 000,000,050 | ---- | M] () -- C:\Windows\System32\bridf07a.dat
[2011.12.11 23:37:43 | 000,138,520 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.12.11 23:36:57 | 000,234,536 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.12.11 15:12:30 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.12.11 15:12:30 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.08 21:54:46 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.07 12:33:28 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\kdhow.sys
[2012.01.07 09:46:07 | 3215,855,616 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.05 16:00:40 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.05 00:42:59 | 000,000,273 | ---- | C] () -- C:\Users\Medion\Desktop\lieder.rtf
[2012.01.04 21:46:28 | 000,000,032 | ---- | C] () -- C:\Users\Medion\Desktop\pfad.php
[2012.01.04 21:24:17 | 000,014,597 | ---- | C] () -- C:\Users\Medion\.recently-used.xbel
[2012.01.04 21:10:05 | 000,013,936 | ---- | C] () -- C:\Users\Medion\Desktop\Agupo.png
[2012.01.04 20:31:16 | 000,063,624 | ---- | C] () -- C:\Users\Medion\Desktop\tlac.ttf
[2012.01.04 20:26:27 | 000,001,570 | ---- | C] () -- C:\Users\Medion\Desktop\index.html
[2012.01.04 18:07:16 | 000,000,562 | ---- | C] () -- C:\Users\Medion\Desktop\XAMPP Control Panel.lnk
[2012.01.03 21:32:56 | 000,179,128 | ---- | C] () -- C:\Users\Medion\Desktop\minimizetotray_revived-1.0-fx+tb+sm-windows.xpi
[2012.01.03 17:07:33 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.01.03 17:07:32 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.01.03 16:41:04 | 000,002,130 | ---- | C] () -- C:\Users\Medion\Desktop\settings.xml
[2012.01.02 12:51:28 | 000,407,390 | ---- | C] () -- C:\Users\Medion\Desktop\Bildschirmfoto 2012-01-02 um 12.51.03.png
[2011.12.30 16:48:32 | 000,074,196 | ---- | C] () -- C:\Users\Medion\Desktop\Überweisungsbeleg K. Gresel.pdf
[2011.12.28 16:01:46 | 003,431,534 | ---- | C] () -- C:\Users\Medion\Desktop\testdisk-6.14-WIP.win.zip
[2011.12.28 13:40:14 | 004,913,522 | ---- | C] () -- C:\Users\Medion\Desktop\g3382_maximus_extreme.pdf
[2011.12.27 22:48:42 | 005,286,289 | ---- | C] () -- C:\Users\Medion\Desktop\php-kurs-ebook-ohne-sicherheitskapitel.pdf
[2011.12.21 19:45:11 | 000,064,939 | ---- | C] () -- C:\Users\Medion\Desktop\Überweisungsbeleg Salzgrotte Dortmund.pdf
[2011.12.21 19:44:35 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.12.21 19:44:35 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.12.21 02:11:56 | 000,003,711 | ---- | C] () -- C:\Users\Medion\Desktop\Hyrule TwinkBOT.rtf
[2011.12.19 19:48:15 | 000,001,688 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2011.12.16 18:07:49 | 000,000,971 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011.12.12 13:49:02 | 000,000,212 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.12.12 13:49:02 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.12.12 13:43:54 | 000,006,224 | ---- | C] () -- C:\Windows\CVRPAGE.bmp
[2011.12.12 13:43:53 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011.12.11 14:19:46 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2011.12.11 14:15:16 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011.12.10 03:01:49 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.12.10 03:01:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.12.08 22:54:39 | 000,001,755 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.12.08 22:54:39 | 000,001,734 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.12.08 22:54:39 | 000,001,713 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.11.13 17:40:41 | 000,013,312 | ---- | C] () -- C:\Users\Medion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.09 23:20:51 | 000,000,680 | ---- | C] () -- C:\Users\Medion\AppData\Local\d3d9caps.dat
[2011.11.05 02:37:17 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.11.05 02:36:29 | 000,234,536 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.11.05 02:35:55 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.11.03 18:20:47 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2011.10.13 21:30:24 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2008.09.02 12:45:19 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2008.08.28 13:27:57 | 000,066,856 | ---- | C] () -- C:\Windows\System32\drivers\FPWinIo.sys
[2008.08.28 13:15:44 | 000,628,730 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.08.28 13:15:44 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.08.28 13:15:44 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.08.28 13:15:44 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.08.28 13:02:32 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2008.08.28 13:02:32 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2008.08.28 11:33:16 | 000,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2008.08.28 10:58:13 | 001,753,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.08.28 10:58:13 | 000,233,472 | ---- | C] () -- C:\Windows\tsnp2uvc.exe
[2008.08.28 10:58:13 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.08.28 10:58:13 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008.08.28 10:35:46 | 000,119,296 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008.08.28 09:31:15 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008.08.28 09:31:15 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\29563E424B.sys
[2008.08.28 03:21:34 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.08.28 02:43:57 | 000,009,824 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2008.01.21 03:24:14 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2007.06.05 12:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,324,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.09.19 09:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2004.02.27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
========== LOP Check ==========
[2011.12.19 19:48:40 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Canneverbe Limited
[2011.12.31 06:15:49 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\DAEMON Tools Lite
[2011.12.20 23:13:52 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\DVDVideoSoft
[2011.12.20 22:22:20 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.05 15:59:41 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\FileZilla
[2011.12.21 19:44:34 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\FreePDF
[2012.01.04 21:24:18 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\gtk-2.0
[2011.12.15 19:13:29 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\TeamViewer
[2012.01.03 17:07:37 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Thunderbird
[2011.12.11 22:40:04 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\TS3Client
[2012.01.07 09:48:04 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.01.07 13:15:00 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.10.03 09:34:06 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2008.08.28 13:16:34 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.03 09:29:52 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2008.08.28 04:50:19 | 000,000,000 | ---D | M] -- C:\Intel
[2011.11.05 04:17:40 | 000,000,000 | ---D | M] -- C:\Medion
[2008.08.28 09:52:31 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.01.05 16:00:36 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.05 16:00:38 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.03 09:29:52 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.04 07:33:51 | 000,000,000 | ---D | M] -- C:\report
[2012.01.07 13:13:53 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.03 09:33:46 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.05 17:19:46 | 000,000,000 | ---D | M] -- C:\Windows
[2012.01.04 17:59:33 | 000,000,000 | ---D | M] -- C:\xampp
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: AFD.SYS >
[2011.04.21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[2011.04.21 14:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\System32\drivers\afd.sys
[2011.04.21 14:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[2011.04.21 14:28:53 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=70EE0FC7A0F384DBD929A01384AEEB4B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[2008.01.21 03:24:17 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2009.04.11 05:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[2011.04.21 14:12:21 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=C8AF25017CECB75906A571AC70D2D306 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: REGEDIT.EXE >
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-01-07 11:15:47
< End of report >
Extras-Log Code:
OTL Extras logfile created on: 07.01.2012 13:12:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Medion\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,40% Memory free
6,19 Gb Paging File | 4,97 Gb Available in Paging File | 80,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,32 Gb Total Space | 138,10 Gb Free Space | 49,62% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 6,87 Gb Free Space | 34,78% Space Free | Partition Type: FAT32
Computer Name: MEDION-PC | User Name: Medion | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0815046E-324B-4155-8545-D5BB7603C454}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{461ED946-5410-4984-9DC0-9C3CC882EB87}" = rport=137 | protocol=17 | dir=out | app=system |
"{4AF721BA-4EE6-4F58-882A-5126824F80D2}" = rport=138 | protocol=17 | dir=out | app=system |
"{77EFBD27-7801-4CE9-95FA-C5E502CF4D15}" = lport=138 | protocol=17 | dir=in | app=system |
"{7B3C3A14-B6CA-49D9-A233-F036E0F4552C}" = lport=445 | protocol=6 | dir=in | app=system |
"{80380AB8-9C04-4E90-87D2-2F1619B4FBB4}" = lport=139 | protocol=6 | dir=in | app=system |
"{A1822F71-1510-4AA8-AD88-4B8F657E9B61}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3328D39-FD4F-4DF6-BA77-ABE85A36C3E7}" = rport=445 | protocol=6 | dir=out | app=system |
"{A369371B-C08C-4E50-958F-F1FEEB0FE0FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AA44BB9B-354B-4D7C-917B-2C4C5A6A7AFA}" = rport=139 | protocol=6 | dir=out | app=system |
"{B100512D-7F34-47BB-8F62-61282C1D5F16}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BEB35B3E-5E16-4924-8229-EB676684EC22}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02258C4D-EBF5-444A-A933-28F07FF1F3C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{150EA0D5-5B30-40B9-88C0-434E496D2967}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{158B9A38-A788-4BBE-B523-BB162CD7700C}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{31463359-C09A-4D00-B616-DFC8711A570A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{386676C0-CEB9-4F6E-8071-599FA7E7684E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{38E64B9A-FEA1-4827-9034-F864C12FE89A}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{3B33BEFE-E7D1-4F8A-8CC6-3B0D5E8C833B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{407F1DD8-BE32-4BDD-8763-132B3E1A0FF0}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{52AF912D-542A-46FF-856A-6F79446E2E00}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{74735CE7-5024-4C37-A486-479F7410DCC1}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{7F12D708-E9D3-44CB-A2F3-F205FECD04D4}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{80549CA2-C551-42A2-AB89-5125176A92DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8082A0D1-CEE1-4A5C-9C42-F4B0DD34E687}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{91CE1C6E-E84E-4D0C-A7F6-39976959CE63}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{92DC2E67-240D-476A-8C0A-FCF79D838AE1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B416B237-B199-4A74-8AED-45FFDEDBAE7C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFBDF621-2C22-45F8-81DF-C9DB0EE8CFD6}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe |
"{D4D50CC3-2FA1-4D06-B49F-54964E80420E}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{D56F3A26-2D4F-4E5C-9280-B250D2FD91E8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D8FB8F8D-8F98-43A6-B850-E2A6A4E0B283}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe |
"{DFF2BEBD-7ED8-42BD-8E23-1122EB6EC9FC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{E295DE7A-C19A-4790-A0B5-1FBA01A07760}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F45A1D01-4D73-4115-8CE2-0B9970D6BF54}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{FAA1B7D3-0C44-4FE5-8E76-2C964CD3B24F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"TCP Query User{1089B5D5-D2D5-4359-98AB-44C49217473E}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"TCP Query User{50E91C62-B05D-477B-8955-6A3C119F3B03}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5CED3243-71E2-4A7D-BC0E-2C10C2A7F56F}C:\users\medion\appdata\local\temp\rar$ex19.800\commonfiles\java\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\medion\appdata\local\temp\rar$ex19.800\commonfiles\java\bin\javaw.exe |
"TCP Query User{6FE58BF8-BA62-42EB-80E3-4749D096226C}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{AE541B2E-3576-4C1E-BCE2-2BFC6DBB5386}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{BC48F59D-346D-41CF-947E-2B9D4CC37466}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{FC1AFCA3-0488-4975-BE0D-BE286614EC22}C:\users\medion\appdata\local\temp\rar$ex41.992\wow-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\medion\appdata\local\temp\rar$ex41.992\wow-dede-installer-downloader.exe |
"UDP Query User{14A44178-3AB9-4AC5-A7B9-1AB3F23D155C}C:\users\medion\appdata\local\temp\rar$ex41.992\wow-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\medion\appdata\local\temp\rar$ex41.992\wow-dede-installer-downloader.exe |
"UDP Query User{65EC10AC-C8DB-4872-B949-2DE13331638C}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{7B968BCD-582F-40C1-B953-A384636F6FCA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{89BB4E22-B531-4F12-814D-D4E3A7B71D01}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{97516DDD-2595-4A83-A79A-43D24C91BF91}C:\users\medion\appdata\local\temp\rar$ex19.800\commonfiles\java\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\medion\appdata\local\temp\rar$ex19.800\commonfiles\java\bin\javaw.exe |
"UDP Query User{A30A0841-85BD-4672-AA2B-605B7A85ED85}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"UDP Query User{CCDF1506-88FD-4D45-AC99-2A1639DE2C2E}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0ED47137-C071-46CC-A243-E5E33271E10E}" = Windows Live Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Foxlink Webcam
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}" = TVsweeper 3
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker 3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A1D08B90-AE1A-4885-AC29-731496FD397E}" = Windows Live Fotogalerie
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}" = Windows Live Writer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D8D22773-14BF-4178-A683-3DBA515C2A26}" = WISO Mein Geld 2008 Professional
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS DVD Authoring_is1" = AVS DVD Authoring
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Die drei Fragezeichen und das Gold der Inkas_is1" = Die drei Fragezeichen und das Gold der Inkas
"DVD-lab PRO 2.5_is1" = DVD-lab PRO 2.5
"DVDStyler_is1" = DVDStyler v2.0.1
"FileZilla Client" = FileZilla Client 3.5.2
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.3.1206
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"FreePDF_XP" = FreePDF (Remove only)
"GameSpy Arcade" = GameSpy Arcade
"GPL Ghostscript 9.04" = GPL Ghostscript
"GUI for dvdauthor" = GUI for dvdauthor 1.07
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"mIRC" = mIRC
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 10.0
"PSPad editor_is1" = PSPad editor
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Revo Uninstaller" = Revo Uninstaller 1.93
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 1.1.11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"X10Hardware" = X10 Hardware(TM)
"xampp" = XAMPP 1.7.7
"Xfire" = Xfire (remove only)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04.01.2012 12:12:59 | Computer Name = Medion-PC | Source = MySQL | ID = 100
Description = Fatal error: Can't open and lock privilege tables: Incorrect key file
for table 'user'; try to repair it For more information, see Help and Support Center
at hxxp://www.mysql.com.
Error - 04.01.2012 12:13:10 | Computer Name = Medion-PC | Source = MySQL | ID = 100
Description = Fatal error: Can't open and lock privilege tables: Incorrect key file
for table 'user'; try to repair it For more information, see Help and Support Center
at hxxp://www.mysql.com.
Error - 04.01.2012 12:27:31 | Computer Name = Medion-PC | Source = MySQL | ID = 100
Description = Fatal error: Can't open and lock privilege tables: Incorrect key file
for table 'user'; try to repair it For more information, see Help and Support Center
at hxxp://www.mysql.com.
Error - 04.01.2012 12:27:51 | Computer Name = Medion-PC | Source = VSS | ID = 8194
Description =
Error - 05.01.2012 08:23:48 | Computer Name = Medion-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.01.2012 12:18:36 | Computer Name = Medion-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.01.2012 04:42:26 | Computer Name = Medion-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.01.2012 04:47:48 | Computer Name = Medion-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.01.2012 07:09:57 | Computer Name = Medion-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.01.2012 07:33:51 | Computer Name = Medion-PC | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 31.12.2011 05:11:58 | Computer Name = Medion-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0016EAD0C51E zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 31.12.2011 10:52:43 | Computer Name = Medion-PC | Source = HTTP | ID = 15016
Description =
Error - 31.12.2011 10:54:11 | Computer Name = Medion-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31.12.2011 10:54:11 | Computer Name = Medion-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31.12.2011 13:34:16 | Computer Name = Medion-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0016EAD0C51E zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 01.01.2012 07:06:12 | Computer Name = Medion-PC | Source = HTTP | ID = 15016
Description =
Error - 01.01.2012 07:07:41 | Computer Name = Medion-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.01.2012 07:07:41 | Computer Name = Medion-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.01.2012 12:08:40 | Computer Name = Medion-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0016EAD0C51E zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 01.01.2012 12:21:08 | Computer Name = Medion-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0016EAD0C51E zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
< End of report >
|
