Laptop very slow, virus scanner finds nothing, web pages load slow

#0
13.08.2011, 15:59
Member

Posts: 15
#1 Hello everyone,

1. Problem description:

Since we got back from our vacation, our Medion laptop has been very slow; web pages load slowly and our antivirus software (BitDefender) finds nothing. What stood out was that, after our return from vacation, the laptop initially did not boot properly; we had to switch it off and on again several times to get it to boot. By the way, nobody could get at it during the vacation; it was in the safe.

2. System scan with OTL

OTL logfile created on: 13.08.2011 15:16:53 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\AdMin Medion Slim\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 47,32% Memory free
6,18 Gb Paging File | 4,31 Gb Available in Paging File | 69,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 282,27 Gb Total Space | 183,08 Gb Free Space | 64,86% Space Free | Partition Type: NTFS
Drive D: | 15,81 Gb Total Space | 4,26 Gb Free Space | 26,96% Space Free | Partition Type: FAT32

Computer Name: MEDION-S5610 | User Name: AdMin Medion Slim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\AdMin Medion Slim\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Programme\BitDefender\BitDefender 2011\seccenter.exe (BitDefender S.R.L.)
PRC - C:\Programme\BitDefender\BitDefender 2011\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Programme\BitDefender\BitDefender 2011\pchooklaunch32.exe (BitDefender S.R.L.)
PRC - C:\Programme\BitDefender\BitDefender 2011\updatesrv.exe (BitDefender S.R.L.)
PRC - C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe ()
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe (Google)
PRC - C:\Programme\Softex\OmniPass\scureapp.exe ()
PRC - C:\Programme\Softex\OmniPass\opvapp.exe ()
PRC - C:\Programme\Softex\OmniPass\OmniServ.exe (Softex Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\iscsrv.exe (Giesecke & Devrient GmbH)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Programme\Palm\Hotsync.exe (PalmSource, Inc)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Users\AdMin Medion Slim\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00094_009\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe (BitDefender S.R.L.)
SRV - (Updatesrv) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe (BitDefender S.R.L.)
SRV - (Update Server) -- C:\Programme\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe (Google)
SRV - (omniserv) -- C:\Programme\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (Isc_Service) -- C:\Windows\System32\\iscsrv.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (bdselfpr) -- C:\Programme\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender LLC)
DRV - (Trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (bdfsfltr) -- C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender)
DRV - (Bdftdif) -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (Bdfndisf) -- c:\Programme\Common Files\BitDefender\BitDefender Firewall\bdfndisf6.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (BDFM) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (PalmUSBD) -- C:\Windows\System32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (circlass) -- C:\Windows\system32\drivers\circlass.sys ()
DRV - (Wd) -- C:\Windows\system32\drivers\wd.sys ()
DRV - (kbdhid) -- C:\Windows\system32\drivers\kbdhid.sys ()
DRV - (sffdisk) -- C:\Windows\system32\drivers\sffdisk.sys ()
DRV - (sffp_mmc) -- C:\Windows\system32\drivers\sffp_mmc.sys ()
DRV - (sffp_sd) -- C:\Windows\system32\drivers\sffp_sd.sys ()
DRV - (IPMIDRV) -- C:\Windows\system32\drivers\ipmidrv.sys ()
DRV - (gagp30kx) -- C:\Windows\system32\drivers\gagp30kx.sys ()
DRV - (uagp35) -- C:\Windows\system32\drivers\uagp35.sys ()
DRV - (msdsm) -- C:\Windows\system32\drivers\msdsm.sys ()
DRV - (mpio) -- C:\Windows\system32\drivers\mpio.sys ()
DRV - (sermouse) -- C:\Windows\system32\drivers\sermouse.sys ()
DRV - (i2omp) -- C:\Windows\system32\drivers\i2omp.sys ()
DRV - (rdpdr) -- C:\Windows\system32\drivers\rdpdr.sys ()
DRV - (nv_agp) -- C:\Windows\system32\drivers\nv_agp.sys ()
DRV - (uliagpkx) -- C:\Windows\system32\drivers\uliagpkx.sys ()
DRV - (viaagp) -- C:\Windows\system32\drivers\viaagp.sys ()
DRV - (agp440) -- C:\Windows\system32\drivers\agp440.sys ()
DRV - (isapnp) -- C:\Windows\system32\drivers\isapnp.sys ()
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys ()
DRV - (AmdK8) -- C:\Windows\system32\drivers\amdk8.sys ()
DRV - (ViaC7) -- C:\Windows\system32\drivers\viac7.sys ()
DRV - (AmdK7) -- C:\Windows\system32\drivers\amdk7.sys ()
DRV - (Processor) -- C:\Windows\system32\drivers\processr.sys ()
DRV - (Crusoe) -- C:\Windows\system32\drivers\crusoe.sys ()
DRV - (intelide) -- C:\Windows\system32\drivers\intelide.sys ()
DRV - (amdide) -- C:\Windows\system32\drivers\amdide.sys ()
DRV - (pciide) -- C:\Windows\system32\drivers\pciide.sys ()
DRV - (WmiAcpi) -- C:\Windows\system32\drivers\wmiacpi.sys ()
DRV - (ErrDev) -- C:\Windows\system32\drivers\errdev.sys ()
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (pcmcia) -- C:\Windows\system32\drivers\pcmcia.sys ()
DRV - (sbp2port) -- C:\Windows\system32\drivers\sbp2port.sys ()
DRV - (BTHMODEM) -- C:\Windows\system32\drivers\bthmodem.sys ()
DRV - (HidBth) -- C:\Windows\system32\drivers\hidbth.sys ()
DRV - (ohci1394) -- C:\Windows\system32\drivers\ohci1394.sys ()
DRV - (usbcir) eHome Infrared Receiver (USBCIR) -- C:\Windows\system32\drivers\usbcir.sys ()
DRV - (usbohci) -- C:\Windows\system32\drivers\usbohci.sys ()
DRV - (HidIr) -- C:\Windows\system32\drivers\hidir.sys ()
DRV - (WacomPen) -- C:\Windows\system32\drivers\wacompen.sys ()
DRV - (sfloppy) -- C:\Windows\system32\drivers\sfloppy.sys ()
DRV - (Serial) -- C:\Windows\system32\drivers\serial.sys ()
DRV - (Parport) -- C:\Windows\system32\drivers\parport.sys ()
DRV - (Serenum) -- C:\Windows\system32\drivers\serenum.sys ()
DRV - (Parvdm) -- C:\Windows\system32\drivers\parvdm.sys ()
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\AdMin Medion Slim\Documents\Dateien ex Medion Laptop alt\14_InfoCom Computer Telefonie\Falk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tagesschau.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\datavault@ascendo.inc: C:\Program Files\DataVault\firefox [2010.05.01 08:22:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011.06.24 19:14:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2011.07.28 14:50:57 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DataVault Bar) - {0D792CB2-2654-4E99-A597-7FC317F04D61} - C:\Programme\DataVault\ie.dll (Ascendo Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [OmniPass] C:\Programme\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\AdMin Medion Slim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save to DataVault - C:\Program Files\DataVault\iemenuext.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\AdMin Medion Slim\Documents\Dateien ex Medion Laptop alt\11_Urlaub\2007 Sommerferien Loire\DSC02617.JPG
O24 - Desktop BackupWallPaper: C:\Users\AdMin Medion Slim\Documents\Dateien ex Medion Laptop alt\11_Urlaub\2007 Sommerferien Loire\DSC02617.JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{20cee258-64cd-11de-8d74-002220017304}\Shell\verb1\command - "" = F:\desktop.exe
O33 - MountPoints2\{b6887761-1fd5-11df-9c25-002220017304}\Shell - "" = AutoRun
O33 - MountPoints2\{b6887761-1fd5-11df-9c25-002220017304}\Shell\AutoRun\command - "" = F:\iscstart.exe
O33 - MountPoints2\{ba8f8a04-e87d-11dd-94f8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ba8f8a04-e87d-11dd-94f8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe /auto
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2011.08.13 15:15:00 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\AdMin Medion Slim\Desktop\OTL.exe
[2011.08.11 00:22:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.11 00:22:48 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.08.11 00:22:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.11 00:22:47 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.08.11 00:22:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.11 00:22:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.10 22:10:22 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.08.10 21:48:43 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.08.10 21:48:43 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.07.28 15:13:34 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.07.28 15:13:28 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.07.04 20:03:15 | 000,000,000 | ---D | C] -- C:\Users\AdMin Medion Slim\AppData\Local\Falk Navi-Manager
[2011.07.04 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\AdMin Medion Slim\Documents\FalkData
[2011.07.04 19:59:30 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\Windows\System32\ROBOEX32.DLL
[2011.07.04 19:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Falk
[2011.07.04 19:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\Falk
[2011.06.26 15:21:43 | 000,000,000 | ---D | C] -- C:\Users\AdMin Medion Slim\Documents\Mein Steuer-Sparbuch Heute
[2011.06.26 15:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2011
[2011.06.26 13:58:45 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.06.08 06:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.06.01 20:27:55 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2011.08.13 15:15:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\AdMin Medion Slim\Desktop\OTL.exe
[2011.08.13 14:51:11 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.13 14:21:29 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.13 14:21:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.13 14:21:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.13 14:21:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.13 14:20:58 | 3215,859,712 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.13 01:16:17 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.08.11 00:16:27 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.08.11 00:16:27 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.11 00:16:27 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.08.11 00:16:27 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.07.29 05:55:35 | 000,405,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.07.28 14:32:56 | 000,000,000 | ---- | M] () -- C:\Users\AdMin Medion Slim\AppData\Local\{06BCDE40-6716-4B2E-B35A-A3A60415D211}
[2011.07.22 04:54:43 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.07.22 04:47:24 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.07.22 04:46:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.07.22 04:45:41 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.07.22 04:44:36 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.07.22 04:43:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.07.04 19:59:24 | 000,001,625 | ---- | M] () -- C:\Users\Public\Desktop\Falk Navi-Manager.lnk
[2011.06.26 15:30:40 | 000,001,311 | ---- | M] () -- C:\Windows\WISO.INI
[2011.06.26 15:21:04 | 000,001,910 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
[2011.06.26 15:21:04 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk
[2011.06.26 13:58:39 | 220,204,985 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.06.24 05:46:58 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.20 10:54:36 | 003,602,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.06.20 10:54:36 | 003,550,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.06.18 08:31:00 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.06.17 18:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.06.08 06:48:05 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.06.02 17:09:10 | 000,306,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011.06.02 15:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.07.28 14:32:56 | 000,000,000 | ---- | C] () -- C:\Users\AdMin Medion Slim\AppData\Local\{06BCDE40-6716-4B2E-B35A-A3A60415D211}
[2011.07.04 19:59:54 | 000,001,340 | ---- | C] () -- C:\Windows\System32\KMLImportPlugin.tlb
[2011.07.04 19:59:30 | 001,456,640 | ---- | C] () -- C:\Program Files\Common Files\Falk Navi-Manager.msi
[2011.07.04 19:59:30 | 000,003,600 | ---- | C] () -- C:\Windows\System32\FNMPlugin.tlb
[2011.07.04 19:59:24 | 000,001,625 | ---- | C] () -- C:\Users\Public\Desktop\Falk Navi-Manager.lnk
[2011.06.26 15:21:04 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
[2011.06.26 15:21:04 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk
[2011.06.26 13:58:39 | 220,204,985 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.06.08 06:48:05 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.04.25 19:25:01 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.07.08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010.06.13 14:12:57 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2010.04.16 21:06:17 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010.02.17 18:30:39 | 000,000,025 | ---- | C] () -- C:\Users\AdMin Medion Slim\AppData\Roaming\bdfvconp.ini
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.01.30 09:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.01.01 13:28:53 | 000,000,127 | ---- | C] () -- C:\Windows\nsnsware.ini
[2009.11.01 10:56:36 | 000,000,567 | ---- | C] () -- C:\Windows\eReg.dat
[2009.09.14 18:09:07 | 000,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2009.09.11 06:21:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.11 06:21:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.11 06:20:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.09.09 21:56:41 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2009.09.09 21:56:41 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2009.09.09 19:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2009.09.09 19:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2009.09.09 19:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2009.09.09 19:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2009.09.09 19:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2009.09.09 19:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.03.25 18:12:54 | 000,006,836 | ---- | C] () -- C:\Users\AdMin Medion Slim\AppData\Local\d3d9caps.dat
[2009.01.31 21:22:45 | 000,007,168 | ---- | C] () -- C:\Users\AdMin Medion Slim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.31 21:00:59 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2009.01.30 19:29:07 | 000,000,000 | ---- | C] () -- C:\Users\AdMin Medion Slim\AppData\Roaming\wklnhst.dat
[2008.09.30 16:46:42 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2008.09.30 13:55:26 | 000,001,311 | ---- | C] () -- C:\Windows\WISO.INI
[2008.09.30 13:16:02 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.09.30 13:16:01 | 000,632,252 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.09.30 13:16:01 | 000,127,464 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.09.30 13:16:01 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.09.30 05:04:07 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Hooks.dll
[2008.09.30 04:09:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.09.30 03:57:16 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.09.30 03:57:16 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.09.30 03:57:16 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.09.30 03:57:16 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.09.30 03:57:01 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.09.30 03:21:38 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.01.21 05:13:20 | 000,006,656 | ---- | C] () -- C:\Windows\System32\drivers\errdev.sys
[2008.01.21 05:11:16 | 000,045,568 | ---- | C] () -- C:\Windows\System32\drivers\blbdrive.sys
[2008.01.21 05:10:19 | 000,386,616 | ---- | C] () -- C:\Windows\System32\drivers\MegaSR.sys
[2008.01.21 04:23:23 | 000,096,312 | ---- | C] () -- C:\Windows\System32\drivers\lsi_scsi.sys
[2008.01.21 04:23:20 | 000,019,968 | ---- | C] () -- C:\Windows\System32\drivers\sermouse.sys
[2008.01.21 04:23:00 | 000,017,976 | ---- | C] () -- C:\Windows\System32\drivers\intelide.sys
[2007.12.21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007.06.05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2007.01.31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,405,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 11:38:56 | 000,013,568 | ---- | C] () -- C:\Windows\System32\drivers\BrFiltLo.sys
[2006.11.02 11:38:00 | 000,011,904 | ---- | C] () -- C:\Windows\System32\drivers\BrUsbSer.sys
[2006.11.02 11:37:31 | 000,012,160 | ---- | C] () -- C:\Windows\System32\drivers\BrUsbMdm.sys
[2006.11.02 11:37:24 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\BrFiltUp.sys
[2006.11.02 11:36:51 | 000,062,336 | ---- | C] () -- C:\Windows\System32\drivers\BrSerWdm.sys
[2006.11.02 11:22:06 | 000,071,808 | ---- | C] () -- C:\Windows\System32\drivers\BrSerId.sys
[2006.11.02 11:03:00 | 000,248,832 | ---- | C] () -- C:\Windows\System32\drivers\rdpdr.sys
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:55:23 | 000,039,936 | ---- | C] () -- C:\Windows\System32\drivers\bthmodem.sys
[2006.11.02 10:55:22 | 000,029,184 | ---- | C] () -- C:\Windows\System32\drivers\hidbth.sys
[2006.11.02 10:55:16 | 000,062,080 | ---- | C] () -- C:\Windows\System32\drivers\ohci1394.sys
[2006.11.02 10:55:09 | 000,068,608 | ---- | C] () -- C:\Windows\System32\drivers\usbcir.sys
[2006.11.02 10:55:08 | 000,035,328 | ---- | C] () -- C:\Windows\System32\drivers\circlass.sys
[2006.11.02 10:55:05 | 000,019,456 | ---- | C] () -- C:\Windows\System32\drivers\usbohci.sys
[2006.11.02 10:55:01 | 000,021,504 | ---- | C] () -- C:\Windows\System32\drivers\hidir.sys
[2006.11.02 10:54:05 | 000,022,072 | ---- | C] () -- C:\Windows\System32\drivers\wd.sys
[2006.11.02 10:52:52 | 000,020,608 | ---- | C] () -- C:\Windows\System32\drivers\wacompen.sys
[2006.11.02 10:52:40 | 000,094,776 | ---- | C] () -- C:\Windows\System32\drivers\msdsm.sys
[2006.11.02 10:52:38 | 000,105,016 | ---- | C] () -- C:\Windows\System32\drivers\mpio.sys
[2006.11.02 10:51:45 | 000,076,392 | ---- | C] () -- C:\Windows\System32\drivers\sbp2port.sys
[2006.11.02 10:51:40 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\sfloppy.sys
[2006.11.02 10:51:40 | 000,012,288 | ---- | C] () -- C:\Windows\System32\drivers\sffp_mmc.sys
[2006.11.02 10:51:40 | 000,011,776 | ---- | C] () -- C:\Windows\System32\drivers\sffp_sd.sys
[2006.11.02 10:51:38 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\sffdisk.sys
[2006.11.02 10:51:37 | 000,030,264 | ---- | C] () -- C:\Windows\System32\drivers\i2omp.sys
[2006.11.02 10:51:36 | 000,020,024 | ---- | C] () -- C:\Windows\System32\drivers\viaide.sys
[2006.11.02 10:51:36 | 000,017,976 | ---- | C] () -- C:\Windows\System32\drivers\amdide.sys
[2006.11.02 10:51:35 | 000,019,000 | ---- | C] () -- C:\Windows\System32\drivers\cmdide.sys
[2006.11.02 10:51:35 | 000,017,464 | ---- | C] () -- C:\Windows\System32\drivers\aliide.sys
[2006.11.02 10:51:35 | 000,016,440 | ---- | C] () -- C:\Windows\System32\drivers\pciide.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | C] () -- C:\Windows\System32\drivers\serial.sys
[2006.11.02 10:51:30 | 000,079,360 | ---- | C] () -- C:\Windows\System32\drivers\parport.sys
[2006.11.02 10:51:25 | 000,017,920 | ---- | C] () -- C:\Windows\System32\drivers\serenum.sys
[2006.11.02 10:51:23 | 000,008,704 | ---- | C] () -- C:\Windows\System32\drivers\parvdm.sys
[2006.11.02 10:51:12 | 000,015,872 | ---- | C] () -- C:\Windows\System32\drivers\kbdhid.sys
[2006.11.02 10:42:03 | 000,064,512 | ---- | C] () -- C:\Windows\System32\drivers\IPMIDrv.sys
[2006.11.02 10:35:13 | 000,167,528 | ---- | C] () -- C:\Windows\System32\drivers\pcmcia.sys
[2006.11.02 10:35:11 | 000,049,720 | ---- | C] () -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 10:35:08 | 000,109,112 | ---- | C] () -- C:\Windows\System32\drivers\NV_AGP.SYS
[2006.11.02 10:35:08 | 000,060,984 | ---- | C] () -- C:\Windows\System32\drivers\ULIAGPKX.SYS
[2006.11.02 10:35:07 | 000,061,496 | ---- | C] () -- C:\Windows\System32\drivers\GAGP30KX.SYS
[2006.11.02 10:35:07 | 000,059,448 | ---- | C] () -- C:\Windows\System32\drivers\UAGP35.SYS
[2006.11.02 10:35:07 | 000,056,888 | ---- | C] () -- C:\Windows\System32\drivers\VIAAGP.SYS
[2006.11.02 10:35:06 | 000,057,400 | ---- | C] () -- C:\Windows\System32\drivers\AMDAGP.SYS
[2006.11.02 10:35:06 | 000,056,376 | ---- | C] () -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:35:06 | 000,055,864 | ---- | C] () -- C:\Windows\System32\drivers\SISAGP.SYS
[2006.11.02 10:35:03 | 000,011,264 | ---- | C] () -- C:\Windows\System32\drivers\wmiacpi.sys
[2006.11.02 10:30:19 | 000,041,472 | ---- | C] () -- C:\Windows\System32\drivers\viac7.sys
[2006.11.02 10:30:18 | 000,044,032 | ---- | C] () -- C:\Windows\System32\drivers\amdk8.sys
[2006.11.02 10:30:18 | 000,041,472 | ---- | C] () -- C:\Windows\System32\drivers\amdk7.sys
[2006.11.02 10:30:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\drivers\processr.sys
[2006.11.02 10:30:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\drivers\crusoe.sys
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:36:50 | 000,020,608 | ---- | C] () -- C:\Windows\System32\drivers\ntrigdigi.sys
[2006.11.02 09:36:49 | 000,071,272 | ---- | C] () -- C:\Windows\System32\drivers\djsvs.sys
[2006.11.02 09:36:48 | 000,238,648 | ---- | C] () -- C:\Windows\System32\drivers\uliahci.sys
[2006.11.02 09:36:48 | 000,130,616 | ---- | C] () -- C:\Windows\System32\drivers\vsmraid.sys
[2006.11.02 09:36:48 | 000,106,088 | ---- | C] () -- C:\Windows\System32\drivers\ql40xx.sys
[2006.11.02 09:36:48 | 000,074,808 | ---- | C] () -- C:\Windows\System32\drivers\sisraid4.sys
[2006.11.02 09:36:48 | 000,041,016 | ---- | C] () -- C:\Windows\System32\drivers\sisraid2.sys
[2006.11.02 09:36:47 | 001,122,360 | ---- | C] () -- C:\Windows\System32\drivers\ql2300.sys
[2006.11.02 09:36:47 | 000,096,312 | ---- | C] () -- C:\Windows\System32\drivers\lsi_fc.sys
[2006.11.02 09:36:47 | 000,035,944 | ---- | C] () -- C:\Windows\System32\drivers\symc8xx.sys
[2006.11.02 09:36:47 | 000,034,920 | ---- | C] () -- C:\Windows\System32\drivers\sym_u3.sys
[2006.11.02 09:36:47 | 000,031,848 | ---- | C] () -- C:\Windows\System32\drivers\sym_hi.sys
[2006.11.02 09:36:46 | 000,115,816 | ---- | C] () -- C:\Windows\System32\drivers\ulsata2.sys
[2006.11.02 09:36:46 | 000,102,968 | ---- | C] () -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 09:36:46 | 000,098,408 | ---- | C] () -- C:\Windows\System32\drivers\ulsata.sys
[2006.11.02 09:36:46 | 000,089,656 | ---- | C] () -- C:\Windows\System32\drivers\lsi_sas.sys
[2006.11.02 09:36:46 | 000,045,112 | ---- | C] () -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 09:36:45 | 000,035,944 | ---- | C] () -- C:\Windows\System32\drivers\iteatapi.sys
[2006.11.02 09:36:45 | 000,033,384 | ---- | C] () -- C:\Windows\System32\drivers\Mraid35x.sys
[2006.11.02 09:36:45 | 000,031,288 | ---- | C] () -- C:\Windows\System32\drivers\megasas.sys
[2006.11.02 09:36:44 | 000,342,584 | ---- | C] () -- C:\Windows\System32\drivers\elxstor.sys
[2006.11.02 09:36:44 | 000,235,064 | ---- | C] () -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 09:36:44 | 000,079,928 | ---- | C] () -- C:\Windows\System32\drivers\arcsas.sys
[2006.11.02 09:36:44 | 000,079,416 | ---- | C] () -- C:\Windows\System32\drivers\arc.sys
[2006.11.02 09:36:44 | 000,045,160 | ---- | C] () -- C:\Windows\System32\drivers\nfrd960.sys
[2006.11.02 09:36:44 | 000,041,576 | ---- | C] () -- C:\Windows\System32\drivers\iirsp.sys
[2006.11.02 09:36:44 | 000,040,504 | ---- | C] () -- C:\Windows\System32\drivers\HpCISSs.sys
[2006.11.02 09:36:44 | 000,035,944 | ---- | C] () -- C:\Windows\System32\drivers\iteraid.sys
[2006.11.02 09:36:43 | 000,422,968 | ---- | C] () -- C:\Windows\System32\drivers\adp94xx.sys
[2006.11.02 09:36:43 | 000,300,600 | ---- | C] () -- C:\Windows\System32\drivers\adpahci.sys
[2006.11.02 09:36:43 | 000,149,560 | ---- | C] () -- C:\Windows\System32\drivers\adpu320.sys
[2006.11.02 09:36:43 | 000,101,432 | ---- | C] () -- C:\Windows\System32\drivers\adpu160m.sys
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010.05.01 08:23:31 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Ascendo
[2011.01.23 11:01:05 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\BitDefender
[2010.04.16 21:18:01 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Blackberry Desktop
[2009.01.30 19:00:50 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Buhl Data Service
[2009.01.30 19:00:40 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Buhl Data Service GmbH
[2009.10.03 09:45:03 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\HotSync
[2009.10.03 10:05:38 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Leadertech
[2010.02.18 21:00:34 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Opera
[2011.01.23 10:42:36 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\QuickScan
[2010.11.20 14:44:10 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Research In Motion
[2009.01.30 19:33:36 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Template
[2009.01.31 21:25:08 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Toshiba
[2010.08.10 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\AdMin Medion Slim\AppData\Roaming\Windows Live Writer
[2011.08.13 01:16:18 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 10 bytes -> C:\Users\AdMin Medion Slim\Desktop\OTL.exe:BDU

< End of report >

OTL Extras logfile created on: 13.08.2011 15:16:53 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\AdMin Medion Slim\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 47,32% Memory free
6,18 Gb Paging File | 4,31 Gb Available in Paging File | 69,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 282,27 Gb Total Space | 183,08 Gb Free Space | 64,86% Space Free | Partition Type: NTFS
Drive D: | 15,81 Gb Total Space | 4,26 Gb Free Space | 26,96% Space Free | Partition Type: FAT32

Computer Name: MEDION-S5610 | User Name: AdMin Medion Slim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09CA03FB-1B55-486E-BB5C-95A5A5A5C719}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{30169BA5-18C6-436B-B3EC-A2515E6F1FC2}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{446AC78A-541A-4209-AF75-0FDE1E6F32F1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{66DD7259-5830-43A2-AD8F-EC2CB382082A}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{C64B2283-6A54-4655-8920-F0102320E2C6}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{D5597FFF-0317-4AAC-AC10-58BF1C9FE534}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D91D9775-634A-49B9-9500-630D481340DD}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D959A9-FB80-4172-800D-6BF3B4478E9C}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{16BF3B58-9289-4178-BF9E-754E1179F541}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{30A42F73-7E41-4AC6-96EE-175A9CEE7D74}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{30F9B9D9-BB1E-466E-84D7-779BFF35996C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{37173AC5-0291-45EE-AA97-18E54EEC4ACB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{51545059-7F1B-497C-B09D-DE358034483C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8298BC19-EA0B-4E53-909C-9F2179384984}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe |
"{8507C66E-A8B9-4DEB-9AF7-7EB3558364E0}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{895E2B42-9D2D-4834-81B3-9D1CB5A504F4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8E220577-9716-4C79-9C37-364DEB1117EB}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{9DDE12ED-23F2-4AE0-B6F3-B46F84BB266C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D4E70552-2928-4619-A5F5-DA61FE95CEE3}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0CD3CFF0-9A22-4CDA-BF1B-FA73C1D8B95B}" = Palm
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D438E32-E46F-A3C7-B390-CFC652EE6478}" = Skins
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{340A2AD6-0679-46DA-9180-DABBD5B36FD1}" = BitDefender Internet Security 2011
"{35000C37-2D29-9C85-FCA2-433E6D462851}" = Catalyst Control Center Graphics Full New
"{35AEFC0E-C869-EA72-107A-9F0F630D8C2A}" = Catalyst Control Center Graphics Previews Common
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43141122-99AC-0765-CB34-A8F1BF4978C3}" = CCC Help German
"{44061C54-0775-4AE1-B433-79BCC6431817}" = WISO Mein Geld 2009 Professional
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4737AD9F-13AA-4E4C-B86F-B631D557F6A7}" = e-Wörterbücher
"{478CF179-BFA5-07C9-43A4-301B5DC449D2}" = Catalyst Control Center Graphics Previews Vista
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{4A69FE72-6764-B2CE-C275-89EDCCFC858D}" = Catalyst Control Center Graphics Light
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{616A66CD-D36D-4E24-8B67-33AFDFF48061}" = Palm Outlook Conduits Updater
"{65415AC9-0D2B-4A0F-9786-28748640F781}" = Falk Navi-Manager
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{70020E29-1E80-2F90-B125-30C752B3DFEE}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B80F2CF-3012-41B3-0083-D96E3B923A33}" = Fussball Manager 2003
"{7D3398D2-0A93-E93D-4D3B-D93D1829964B}" = Catalyst Control Center InstallProxy
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D798C7D-933C-4678-28DE-B33A734B4DE9}" = ccc-utility
"{9DC7D0A4-00A8-5D59-B104-A7C82ED9FA7A}" = Catalyst Control Center Localization German
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B50E4F43-69CC-15E3-3BA2-8F4220AE1946}" = ATI Catalyst Install Manager
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BABDF173-48C2-7BFF-CA6D-961CE652123C}" = Catalyst Control Center Core Implementation
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2479F1E-974C-E57E-4D20-40E0C37C80E5}" = ccc-core-static
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E815FB81-995F-4F33-8E25-F16712123AB7}" = AuthenTec Fingerprint Sensor Minimum Install
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 5.01.24
"{F50C9048-B456-8BE2-B623-95A48B7F5463}" = Catalyst Control Center Graphics Full Existing
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FEDE400D-3381-4087-ACCB-689DD8A56123}" = Inst5657
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Ascendo Money" = Ascendo Money 3.4.1
"BitDefender" = BitDefender Internet Security 2011
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"cravaches Hermès" = cravaches Hermès Screen Saver
"DataVault" = Ascendo DataVault 4.5.3
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Filofax-Adressbuchsoftware Demo" = Filofax-Adressbuchsoftware Demo
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SplashWallet for BlackBerry" = SplashWallet for BlackBerry 7.15
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 05.05.2010 23:41:25 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

Error - 06.05.2010 14:30:31 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

Error - 06.05.2010 16:36:13 | Computer Name = Medion-S5610 | Source = EventSystem | ID = 4621
Description =

Error - 06.05.2010 23:36:26 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

Error - 07.05.2010 17:45:17 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

Error - 08.05.2010 12:27:44 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

Error - 08.05.2010 15:25:50 | Computer Name = Medion-S5610 | Source = EventSystem | ID = 4621
Description =

Error - 09.05.2010 06:09:21 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

Error - 09.05.2010 12:17:35 | Computer Name = Medion-S5610 | Source = Application Hang | ID = 1002
Description = Programm OUTLOOK.EXE, Version 12.0.6514.5000 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: bb0 Anfangszeit: 01caef785e0fd95a Zeitpunkt
der Beendigung: 15

Error - 09.05.2010 23:24:37 | Computer Name = Medion-S5610 | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 12.04.2009 12:09:57 | Computer Name = Medion-S5610 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8255
seconds with 1080 seconds of active time. This session ended with a crash.

Error - 23.11.2009 14:27:28 | Computer Name = Medion-S5610 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.

Error - 25.11.2009 17:24:27 | Computer Name = Medion-S5610 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5937
seconds with 1260 seconds of active time. This session ended with a crash.

Error - 26.01.2010 16:50:57 | Computer Name = Medion-S5610 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 134
seconds with 120 seconds of active time. This session ended with a crash.

Error - 11.12.2010 10:02:44 | Computer Name = Medion-S5610 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1588
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 08.08.2011 00:35:44 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 09.08.2011 12:26:37 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 10.08.2011 12:23:30 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 10.08.2011 18:25:50 | Computer Name = Medion-S5610 | Source = DCOM | ID = 10005
Description =

Error - 10.08.2011 18:25:50 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7009
Description =

Error - 10.08.2011 18:25:50 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.08.2011 00:18:36 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.08.2011 12:09:27 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.08.2011 23:54:57 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =

Error - 13.08.2011 08:21:37 | Computer Name = Medion-S5610 | Source = Service Control Manager | ID = 7000
Description =


< End of report >


Step three (rootkit scan) follows shortly...

Regards, and many thanks in advance, Heritage
13.08.2011, 16:48
Member

Thread starter

Posts: 15
#2 Hello,

unfortunately I cannot post a log file of the GMER scan, because the program was terminated partway through every time; once Windows even shut itself down.

I am grateful for any advice....

Regards, Heritage
13.08.2011, 17:13
Moderator

Posts: 5694
#3 Hello and a warm welcome to Protecus.de

Cleaning an infected system takes time and also requires attention to the following points:

• Follow the instructions of your helper.
• If you have external storage media (USB sticks, hard drives), connect them before the cleanup.
• During the cleanup you should neither install nor uninstall programs unless this is explicitly requested.
• Please work through each step in order.
• If problems come up at a step, post what you already have and report back with a description of the problem.

• The cleanup is only finished when your helper gives the OK.
• If the machine runs quickly again, that does not mean the system is clean.
• For computers used for business, the responsible IT person should be brought in.
• Support from us may under certain circumstances be declined for a company computer.
• Where illegal software is present, support may be discontinued.
• Cracks and keygens of any kind are neither supported nor accepted.
• With heavily infected systems, especially when backdoors or rootkits are involved, a helper may advise reinstalling the system.
• In the end it is always the user who decides.

Vista and Win7 users:

Always run all programs and tools that we prescribe via right-click and "Run as administrator".

Step 1

Malwarebytes Anti-Malware

Download MBAM, install it and select on the tabs:

-> "Update" > "Check for Updates"
-> "Settings" > "Terminate Internet Explorer during threat removal"
-> "Scanner" > "Perform quick scan".

If infections are found at the end, tick them and have them removed. Restart your computer.
14.08.2011, 16:06
Member

Thread starter

Posts: 15
#4 Hello, Swiss,

and thank you for your help!

MBAM found no infections....

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7465

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

14.08.2011 16:02:42
mbam-log-2011-08-14 (16-02-42).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 173856
Laufzeit: 6 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Many regards, Heritage
14.08.2011, 23:59
Moderator

Posts: 5694
#5 ComboFix may only be run when a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Download ComboFix from one of the links listed below. You must rename it before you save it to the desktop. Save ComboFix to your desktop.

BleepingComputer
ForoSpyware

**NB: It is important that ComboFix.exe is saved to the desktop**

• Disable your anti-virus and anti-spyware programs. Normally you can do this by right-clicking the system tray icon. Otherwise the programs might interfere with our tools while they work.
• Double-click ComboFix.exe and follow the prompts.
• When ComboFix is finished, it will create a log for you.
• Please post the contents of C:\ComboFix.txt here in the thread.
28.08.2011, 08:38
Member

Thread starter

Posts: 15
#6 Hello Swiss,

and many thanks for your reply! Sorry that I am only getting back to you now; I was out of action for a few days.

I downloaded ComboFix and saved it to the desktop (incidentally, it was saved as "ComboFix" right away, I did not have to rename anything!). I disabled the antivirus programs etc. and then clicked on ComboFix. During the first run the program stopped at some point (the messages "Not responding" and "ComboFix NSIS Installer is not responding" appeared). I then ended the program and started it again, and then the scan ran through; however, several times messages came up saying that a certain file could not be processed and asking whether the run should be aborted, the conflict ignored, or the file skipped. I clicked Ignore, ComboFix continued running, but I did not find a file anywhere that I could post, not even on a second run, during which corresponding messages came up again (Abort/ Ignore/ Skip).

What should I do now?

Many regards, and many thanks again!

Heritage
30.08.2011, 21:53
Moderator

Posts: 5694
#7 Try CF again.
04.10.2011, 17:53
...new here

Posts: 9
#8 Hi everyone
sorry if I am in the wrong thread, but I did not know where else to write

so I bought a laptop and connected it to my router via Wi-Fi, and now my problem is that when only my router is switched on, my internet is so slow that a page like FB, for example, takes a good 5 minutes to load, but as soon as I also switch on my PC, the internet on my laptop is faster
I have full signal on the laptop and do not know what the cause could be; I am not really an expert in this


thanks in advance ;)
04.10.2011, 18:27
Moderator

Posts: 5694
#9 The important thing is simply to open a new thread and not to post in another one.
Open a new thread here:
http://board.protecus.de/newtopic.php?boardid=3

and work through the following:
http://board.protecus.de/t40182.htm