Log analysis and evaluation: Iminent program cannot be uninstalled (Windows 7)
27.06.2013, 15:59 | #1 |
Iminent program cannot be uninstalled

Hello Trojaner-Board,

Today I found a program in my Programs and Features window that I did not install. It is called Iminent. I tried to uninstall it, but that did not work. Here are the log files you ask for:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:17 on 27/06/2013 (Administrator)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
OTL logfile created on: 27.06.2013 16:21:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peitz\Desktop\Virus
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,26% Memory free
7,82 Gb Paging File | 6,02 Gb Available in Paging File | 76,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,58 Gb Total Space | 397,52 Gb Free Space | 87,83% Space Free | Partition Type: NTFS
Drive Q: | 11,72 Gb Total Space | 1,87 Gb Free Space | 15,95% Space Free | Partition Type: NTFS

Computer Name: PEITZHAUSI | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.06.27 16:18:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peitz\Desktop\Virus\OTL.exe
PRC - [2013.05.16 14:12:21 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.01.31 11:33:45 | 002,620,016 | ---- | M] (Iminent) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
PRC - [2012.12.19 11:05:40 | 001,074,888 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\Iminent.exe
PRC - [2012.12.19 11:05:40 | 000,884,936 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.05.11 17:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2011.10.20 13:09:32 | 000,363,584 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2011.10.20 13:09:18 | 000,269,376 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2011.10.20 13:09:16 | 000,134,208 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2011.09.27 14:17:40 | 000,386,408 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\AutoLock\ALCKRESI.exe
PRC - [2011.09.01 20:27:08 | 000,446,800 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
PRC - [2011.08.31 20:03:00 | 000,062,824 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
PRC - [2011.08.11 12:04:16 | 000,328,552 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.07.22 13:21:34 | 000,060,264 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011.07.22 13:21:32 | 000,042,344 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011.07.22 13:21:18 | 000,041,832 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe
PRC - [2011.07.13 00:57:58 | 000,082,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2011.07.12 09:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe
PRC - [2011.07.12 09:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.06.24 08:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.02.22 05:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 05:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.07 05:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2010.08.31 14:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2010.03.11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.05.27 23:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
PRC - [2008.10.15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe
PRC - [2008.01.10 13:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

========== Modules (No Company Name) ==========

MOD - [2013.06.25 07:47:17 | 001,925,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\6df422cd8f4aae708665038e50b1bedf\System.Web.Services.ni.dll
MOD - [2013.05.16 09:14:55 | 001,078,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll
MOD - [2013.05.16 09:14:54 | 018,080,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll
MOD - [2013.05.16 09:13:11 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll
MOD - [2013.05.16 09:13:10 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
MOD - [2013.05.15 16:17:39 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll
MOD - [2013.05.15 16:17:25 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll
MOD - [2013.05.15 16:17:24 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6f120c76113dc5166d2a5a5d21900f39\System.Data.ni.dll
MOD - [2013.05.15 16:17:21 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013.05.15 16:17:17 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013.05.15 16:17:13 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll
MOD - [2013.05.15 16:17:10 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013.02.15 09:10:02 | 000,148,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\12630df9abc4ebf7ff67de989b8e8123\System.Configuration.Install.ni.dll
MOD - [2013.01.10 09:03:46 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll
MOD - [2013.01.10 09:03:46 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll
MOD - [2013.01.10 09:03:45 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll
MOD - [2013.01.10 09:03:44 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013.01.10 09:03:09 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013.01.09 16:58:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013.01.09 16:58:38 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.01.09 16:58:36 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.01.09 16:58:31 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012.10.11 22:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.10.11 22:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.09.26 15:22:42 | 002,085,888 | ---- | M] () -- C:\Programme\Lenovo\AutoLock\cv210.dll
MOD - [2011.09.26 15:22:40 | 002,201,088 | ---- | M] () -- C:\Programme\Lenovo\AutoLock\cxcore210.dll
MOD - [2011.06.24 08:25:49 | 000,329,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll
MOD - [2011.06.24 08:25:47 | 003,649,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\pdf.dll
MOD - [2011.06.24 08:24:21 | 000,104,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\avutil-50.dll
MOD - [2011.06.24 08:24:20 | 000,203,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\avformat-52.dll
MOD - [2011.06.24 08:24:18 | 001,846,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\avcodec-52.dll
MOD - [2011.06.24 05:20:43 | 006,333,088 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\gcswf32.dll
MOD - [2011.06.24 05:20:43 | 006,333,088 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\120742~1.112\gcswf32.dll
MOD - [2009.05.27 23:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

========== Services (SafeList) ==========

SRV:64bit: - [2011.08.11 04:20:42 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2011.03.29 20:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010.12.17 00:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.12 14:24:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.31 11:33:45 | 002,620,016 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.08.08 11:01:03 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.11 17:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011.10.20 13:09:18 | 000,269,376 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2011.10.20 13:09:16 | 000,134,208 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2011.10.17 16:48:24 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2011.09.01 20:27:08 | 000,446,800 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe -- (SROSVC)
SRV - [2011.08.31 20:03:00 | 000,173,416 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc)
SRV - [2011.08.31 20:03:00 | 000,087,400 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2011.07.27 22:04:48 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.07.27 21:48:34 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.07.27 21:44:18 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.07.22 13:21:34 | 000,060,264 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV - [2011.07.22 13:21:18 | 000,041,832 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2011.07.13 00:57:58 | 000,082,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2011.07.12 09:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2011.07.12 09:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011.07.12 09:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2011.07.12 09:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011.07.08 18:53:20 | 000,144,232 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.02.22 05:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.22 05:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.07 05:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.31 14:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.10.15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008.01.10 13:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.09.28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.27 03:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011.11.16 21:41:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.11.16 21:41:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.10.17 17:24:50 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.10.17 17:24:44 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.10.17 17:24:44 | 000,146,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.10.17 17:24:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.10.17 17:24:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.09.30 19:16:50 | 000,393,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.08.31 20:03:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011.08.19 07:20:36 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.08.19 07:20:10 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.11 04:20:42 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2011.08.03 18:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.06.21 16:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.06.21 16:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.06.16 14:55:18 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.06.16 14:55:18 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.30 09:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2011.05.25 18:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011.03.29 20:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.03.29 20:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.03.24 08:36:20 | 001,576,064 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.04 19:18:42 | 000,166,016 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.07 07:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011.07.08 18:53:24 | 000,032,104 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV - [2011.06.27 17:06:54 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\PC-Doctor\pcdsrvc_x64.pkms -- (PCDSRVC{127174DC-C366ED8B-06020200}_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE468
IE - HKCU\..\SearchScopes\{A106E6AE-B359-4A24-9794-AA5C61DF3B03}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=762A9FC4-8CE8-41DD-851C-1552DC308CC7&apn_sauid=2884DC5D-E71A-45A2-9BB9-173CCFF745EC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: webbooster@iminent.com:5.49.4.0
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader@PeterOlayev.com:2.0.9
FF - prefs.js..extensions.enabledAddons: adblockpopups@jessehakanen.net:0.7
FF - prefs.js..keyword.URL: ""
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.02.01 12:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com [2013.01.10 08:25:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.21 12:19:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.08.08 10:59:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2013.06.27 15:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\62qg19cl.default\extensions
[2013.06.27 15:21:55 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\62qg19cl.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.06.27 15:09:55 | 000,033,312 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\62qg19cl.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi
[2013.06.27 14:59:49 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\62qg19cl.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.08.23 07:41:21 | 000,002,299 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\62qg19cl.default\searchplugins\askcom.xml
[2012.11.21 12:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.23 07:30:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012.11.21 12:23:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.02.09 08:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2012.02.09 08:39:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.08.08 11:01:04 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.08 11:00:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.08 11:00:25 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.08 11:00:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.08 11:00:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.08 11:00:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.08 11:00:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Iminent = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\5.51.3.3_0\
CHR - Extension: Iminent = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.21.4.1_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Programme\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Programme\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe File not found
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.16.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7289B41E-F30B-426A-BF99-FAC432A663E7}: DhcpNameServer = 10.16.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7451574F-2AB0-41F0-8E3B-72C333478F94}: DhcpNameServer = 10.16.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{e09a05c6-103f-11e1-94f9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e09a05c6-103f-11e1-94f9-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 23:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.06.27 15:55:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.06.27 15:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2013.06.19 08:25:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB DataLogger
[2012.06.18 10:56:10 | 000,733,344 | ---- | C] (Microsoft Corporation) -- C:\Program Files\HHUpd.Exe
[2012.06.18 10:56:01 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2012.06.18 10:56:01 | 000,557,056 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\TEXTKD.dll
[2012.06.18 10:56:01 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp71.dll
[2012.06.18 10:56:01 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr71.dll
[2012.06.18 10:56:01 | 000,299,008 | ---- | C] (Siemens Enterprise Communication GmbH & Co.
KG) -- C:\Program Files\proxytrap.dll [2012.06.18 10:56:00 | 001,638,400 | ---- | C] (Siemens AG) -- C:\Program Files\CLCAPI.dll [2012.06.18 10:56:00 | 001,474,604 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\TCheckLic.dll [2012.06.18 10:55:59 | 000,618,496 | ---- | C] (Apache Software Foundation) -- C:\Program Files\xerces12.dll [2012.06.18 10:55:59 | 000,561,152 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Texd22.dll [2012.06.18 10:55:59 | 000,225,326 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\TCheckReg.dll [2012.06.18 10:55:59 | 000,122,925 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Compress.dll [2012.06.18 10:55:58 | 009,699,373 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Ass_150e.exe [2012.06.18 10:55:58 | 008,552,448 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Tbitmap.dll [2012.06.18 10:55:58 | 000,843,776 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Tres3001.dll [2012.06.18 10:55:58 | 000,360,492 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Tcomm32.dll [2012.06.18 10:55:57 | 001,351,724 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\AssCkds.dll [2012.06.18 10:55:57 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mfc42.dll [2012.06.18 10:55:57 | 000,947,712 | ---- | C] (Siemens Enterprise Communications GmbH & Co. KG) -- C:\Program Files\mdfprint.dll [2012.06.18 10:55:57 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcrt.dll [2012.06.18 10:55:57 | 000,026,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ctl3d.dll [2012.06.18 10:55:56 | 000,294,957 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\form6005.dll [2012.06.18 10:55:56 | 000,294,957 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6004.dll [2012.06.18 10:55:56 | 000,294,957 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6003.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6806.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6805.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6804.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6406.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6405.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6404.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6403.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6206.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6205.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6204.dll [2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6203.dll [2012.06.18 10:55:56 | 000,286,765 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5804.dll [2012.06.18 10:55:56 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\form5803.dll [2012.06.18 10:55:56 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5802.dll [2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5801.dll [2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5314.dll [2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5313.dll [2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5312.dll [2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5311.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5204.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5203.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5202.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5201.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5114.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5113.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5112.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5111.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\form5104.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5103.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5102.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5101.dll [2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5004.dll [2012.06.18 10:55:54 | 001,028,141 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6805.dll [2012.06.18 10:55:54 | 001,019,949 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6405.dll [2012.06.18 10:55:54 | 000,978,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6806.dll [2012.06.18 10:55:54 | 000,970,797 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6804.dll [2012.06.18 10:55:54 | 000,966,701 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6406.dll [2012.06.18 10:55:54 | 000,962,605 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6404.dll [2012.06.18 10:55:54 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5002.dll [2012.06.18 10:55:54 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5001.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5003.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4304.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\Form4302.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4301.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4204.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4202.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4201.dll [2012.06.18 10:55:54 | 000,258,093 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4303.dll [2012.06.18 10:55:54 | 000,253,997 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4203.dll [2012.06.18 10:55:54 | 000,241,709 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form3001.dll [2012.06.18 10:55:54 | 000,225,280 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM4002.dll [2012.06.18 10:55:54 | 000,225,280 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4001.dll [2012.06.18 10:55:54 | 000,225,280 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM3002.dll [2012.06.18 10:55:54 | 000,221,184 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM4003.dll [2012.06.18 10:55:54 | 000,221,184 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM3003.dll [2012.06.18 10:55:53 | 000,970,797 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6205.dll [2012.06.18 10:55:53 | 000,970,797 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6005.dll [2012.06.18 10:55:53 | 000,917,549 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\accs6206.dll [2012.06.18 10:55:53 | 000,913,453 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6204.dll [2012.06.18 10:55:53 | 000,913,453 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6004.dll [2012.06.18 10:55:53 | 000,835,629 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6403.dll [2012.06.18 10:55:53 | 000,802,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6003.dll [2012.06.18 10:55:53 | 000,798,765 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6203.dll [2012.06.18 10:55:53 | 000,643,117 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5802.dll [2012.06.18 10:55:53 | 000,643,117 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5312.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5804.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5801.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5314.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5311.dll [2012.06.18 10:55:53 | 000,614,445 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5803.dll [2012.06.18 10:55:53 | 000,614,445 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5313.dll [2012.06.18 10:55:53 | 000,512,045 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5204.dll [2012.06.18 10:55:53 | 000,487,469 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\Accs5203.dll [2012.06.18 10:55:52 | 000,585,773 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5112.dll [2012.06.18 10:55:52 | 000,581,677 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5114.dll [2012.06.18 10:55:52 | 000,581,677 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5111.dll [2012.06.18 10:55:52 | 000,565,293 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5113.dll [2012.06.18 10:55:52 | 000,557,101 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5104.dll [2012.06.18 10:55:52 | 000,557,101 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5101.dll [2012.06.18 10:55:52 | 000,548,909 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5102.dll [2012.06.18 10:55:52 | 000,536,621 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5103.dll [2012.06.18 10:55:52 | 000,512,045 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5201.dll [2012.06.18 10:55:52 | 000,503,853 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5202.dll [2012.06.18 10:55:52 | 000,491,565 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5004.dll [2012.06.18 10:55:52 | 000,491,565 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5001.dll [2012.06.18 10:55:52 | 000,487,469 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5002.dll [2012.06.18 10:55:52 | 000,471,085 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5003.dll [2012.06.18 10:55:52 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\ACCS4304.dll [2012.06.18 10:55:52 | 000,462,893 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4302.dll [2012.06.18 10:55:52 | 000,446,509 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4303.dll [2012.06.18 10:55:51 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4301.dll [2012.06.18 10:55:51 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4204.dll [2012.06.18 10:55:51 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4201.dll [2012.06.18 10:55:51 | 000,462,893 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4202.dll [2012.06.18 10:55:51 | 000,446,509 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4203.dll [2012.06.18 10:55:51 | 000,405,549 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs4001.dll [2012.06.18 10:55:51 | 000,401,453 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4002.dll [2012.06.18 10:55:51 | 000,385,069 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4003.dll [2012.06.18 10:55:51 | 000,372,781 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs3001.dll [2012.06.18 10:55:51 | 000,368,685 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs3002.dll [2012.06.18 10:55:51 | 000,360,493 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs3003.dll [2012.06.18 10:55:51 | 000,213,037 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\tebrantk.dll [2012.06.18 10:55:51 | 000,213,037 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\tebransi.dll [2012.06.18 10:55:51 | 000,213,037 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\tebranft.dll ========== Files - Modified Within 30 Days ========== [2013.06.27 16:20:45 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.27 16:20:45 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.27 16:19:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2013.06.27 16:18:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2013.06.27 16:17:49 | 006,721,470 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.27 16:17:49 | 002,472,438 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.27 16:17:49 | 002,077,742 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.27 16:17:49 | 001,861,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.27 16:17:49 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.27 16:17:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.27 16:16:55 | 000,000,000 | ---- | M] () -- C:\Users\Administrator\defogger_reenable [2013.06.27 16:13:41 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.27 16:13:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.27 16:13:07 | 3151,417,344 | -HS- | M] () -- C:\hiberfil.sys [2013.06.27 16:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.19 08:25:18 | 000,001,992 | ---- | M] () -- C:\Users\Administrator\Desktop\USB DataLogger.lnk ========== Files Created - No Company Name ========== [2013.06.27 16:16:55 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\defogger_reenable [2012.06.18 10:56:13 | 000,012,697 | 
---- | C] () -- C:\Windows\ASS_150E.INI
[2012.06.18 10:56:11 | 000,048,784 | ---- | C] () -- C:\Program Files\octo.mib
[2012.06.18 10:56:11 | 000,041,922 | ---- | C] () -- C:\Program Files\KDS6804.BIN
[2012.06.18 10:56:11 | 000,041,604 | ---- | C] () -- C:\Program Files\KDS6404.BIN
[2012.06.18 10:56:11 | 000,041,241 | ---- | C] () -- C:\Program Files\KDS6004.BIN
[2012.06.18 10:56:11 | 000,041,235 | ---- | C] () -- C:\Program Files\KDS6204.BIN
[2012.06.18 10:56:11 | 000,033,750 | ---- | C] () -- C:\Program Files\KDS6806.BIN
[2012.06.18 10:56:11 | 000,033,432 | ---- | C] () -- C:\Program Files\KDS6406.BIN
[2012.06.18 10:56:11 | 000,033,060 | ---- | C] () -- C:\Program Files\KDS6206.BIN
[2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5804.BIN
[2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5801.BIN
[2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5314.BIN
[2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5311.BIN
[2012.06.18 10:56:11 | 000,026,901 | ---- | C] () -- C:\Program Files\KDS5802.BIN
[2012.06.18 10:56:11 | 000,026,901 | ---- | C] () -- C:\Program Files\KDS5312.BIN
[2012.06.18 10:56:11 | 000,024,717 | ---- | C] () -- C:\Program Files\KDS5104.BIN
[2012.06.18 10:56:11 | 000,024,717 | ---- | C] () -- C:\Program Files\KDS5101.BIN
[2012.06.18 10:56:11 | 000,024,141 | ---- | C] () -- C:\Program Files\KDS5114.BIN
[2012.06.18 10:56:11 | 000,024,141 | ---- | C] () -- C:\Program Files\KDS5111.BIN
[2012.06.18 10:56:11 | 000,023,976 | ---- | C] () -- C:\Program Files\KDS6403.BIN
[2012.06.18 10:56:11 | 000,023,961 | ---- | C] () -- C:\Program Files\KDS6003.BIN
[2012.06.18 10:56:11 | 000,023,955 | ---- | C] () -- C:\Program Files\KDS6203.BIN
[2012.06.18 10:56:11 | 000,022,434 | ---- | C] () -- C:\Program Files\KDS5204.BIN
[2012.06.18 10:56:11 | 000,022,434 | ---- | C] () -- C:\Program Files\KDS5201.BIN
[2012.06.18 10:56:11 | 000,021,849 | ---- | C] () -- C:\Program Files\KDS5112.BIN
[2012.06.18 10:56:11 | 000,021,840 | ---- | C] () -- C:\Program Files\KDS5102.BIN
[2012.06.18 10:56:11 | 000,021,834 | ---- | C] () -- C:\Program Files\KDS5202.BIN
[2012.06.18 10:56:11 | 000,021,693 | ---- | C] () -- C:\Program Files\KDS5004.BIN
[2012.06.18 10:56:11 | 000,021,693 | ---- | C] () -- C:\Program Files\KDS5001.BIN
[2012.06.18 10:56:11 | 000,021,642 | ---- | C] () -- C:\Program Files\KDS4304.BIN
[2012.06.18 10:56:11 | 000,021,642 | ---- | C] () -- C:\Program Files\KDS4301.BIN
[2012.06.18 10:56:11 | 000,021,618 | ---- | C] () -- C:\Program Files\KDS4204.BIN
[2012.06.18 10:56:11 | 000,021,618 | ---- | C] () -- C:\Program Files\KDS4201.BIN
[2012.06.18 10:56:11 | 000,021,438 | ---- | C] () -- C:\Program Files\KDS4001.BIN
[2012.06.18 10:56:11 | 000,021,336 | ---- | C] () -- C:\Program Files\KDS3001.BIN
[2012.06.18 10:56:11 | 000,021,093 | ---- | C] () -- C:\Program Files\KDS5002.BIN
[2012.06.18 10:56:11 | 000,021,042 | ---- | C] () -- C:\Program Files\KDS4302.BIN
[2012.06.18 10:56:11 | 000,021,018 | ---- | C] () -- C:\Program Files\KDS4202.BIN
[2012.06.18 10:56:11 | 000,020,838 | ---- | C] () -- C:\Program Files\KDS4002.BIN
[2012.06.18 10:56:11 | 000,020,736 | ---- | C] () -- C:\Program Files\KDS3002.BIN
[2012.06.18 10:56:11 | 000,019,017 | ---- | C] () -- C:\Program Files\KDS5803.BIN
[2012.06.18 10:56:11 | 000,019,017 | ---- | C] () -- C:\Program Files\KDS5313.BIN
[2012.06.18 10:56:11 | 000,016,989 | ---- | C] () -- C:\Program Files\KDS5113.BIN
[2012.06.18 10:56:11 | 000,016,980 | ---- | C] () -- C:\Program Files\KDS5103.BIN
[2012.06.18 10:56:11 | 000,016,974 | ---- | C] () -- C:\Program Files\KDS5203.BIN
[2012.06.18 10:56:11 | 000,016,713 | ---- | C] () -- C:\Program Files\KDS5003.BIN
[2012.06.18 10:56:11 | 000,016,662 | ---- | C] () -- C:\Program Files\KDS4303.BIN
[2012.06.18 10:56:11 | 000,016,638 | ---- | C] () -- C:\Program Files\KDS4203.BIN
[2012.06.18 10:56:11 | 000,016,458 | ---- | C] () -- C:\Program Files\KDS4003.BIN
[2012.06.18 10:56:11 | 000,016,356 | ---- | C] () -- C:\Program Files\KDS3003.BIN
[2012.06.18 10:56:11 | 000,006,984 | ---- | C] () -- C:\Program Files\managerc4inv.xml
[2012.06.18 10:56:03 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_usa.dll
[2012.06.18 10:56:02 | 001,413,120 | ---- | C] () -- C:\Program Files\text_all.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_tsc.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_swe.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_srl.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_src.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_spa.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_slw.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_slo.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_rus.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_rom.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_por.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_pol.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_ndl.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_mkd.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_lit.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_let.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_kat.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_itl.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_hun.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_gre.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_fra.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_fin.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_est.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_dan.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_cro.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_brd.dll
[2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_bgr.dll
[2012.06.18 10:56:02 | 000,086,016 | ---- | C] () -- C:\Program Files\Text_tur.dll
[2012.06.18 10:56:02 | 000,086,016 | ---- | C] () -- C:\Program Files\Text_nor.dll
[2012.06.18 10:56:02 | 000,086,016 | ---- | C] () -- C:\Program Files\Text_gbr.dll
[2012.06.18 10:56:02 | 000,081,920 | ---- | C] () -- C:\Program Files\Text_chn.dll
[2012.06.18 10:56:01 | 000,131,072 | ---- | C] () -- C:\Program Files\REV_D.dll
[2012.06.18 10:56:01 | 000,045,056 | ---- | C] () -- C:\Program Files\StatViewRes.dll
[2012.06.18 10:55:59 | 000,077,868 | ---- | C] () -- C:\Program Files\pingsk2.dll
[2012.06.18 10:55:57 | 000,299,051 | ---- | C] () -- C:\Program Files\comspy.dll
[2012.06.18 10:55:57 | 000,217,088 | ---- | C] () -- C:\Program Files\widge32.dll
[2012.06.18 10:55:57 | 000,110,653 | ---- | C] () -- C:\Program Files\ISDNTRA.EXE
[2012.06.18 10:55:57 | 000,006,546 | ---- | C] () -- C:\Program Files\FINDCOMP.ANI
[2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgTHA.xml
[2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgSGP.xml
[2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgSAF.xml
[2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgRP.xml
[2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgRA.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgUKR.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgTUR.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgTSC.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgSPA.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgSCH.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgRUS.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgPOR.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgPOL.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgPAK.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgOES.xml
[2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgNOR.xml
[2012.06.18 10:55:56 | 001,149,287 | ---- | C] () -- C:\Program Files\k_sample.kds
[2012.06.18 10:55:56 | 000,012,697 | ---- | C] () -- C:\Program Files\ass_150e.ini
[2012.06.18 10:55:56 | 000,001,476 | ---- | C] () -- C:\Program Files\RNAssCfgFRA.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgUSA.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgMAL.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgINT.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgIND.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgHGK.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgCHI.xml
[2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgBRA.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgWRU.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgNDL.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgKOR.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgITA.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgIRL.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgHUN.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgGRE.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgGBR.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgFIN.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgDAN.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgCH.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgBRD.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgBEL.xml
[2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgAUS.xml
[2012.06.18 10:55:54 | 000,208,896 | ---- | C] () -- C:\Program Files\hascoder.dll
[2012.06.18 10:55:54 | 000,180,224 | ---- | C] () -- C:\Program Files\hasdecoder.dll
[2012.06.18 10:55:54 | 000,118,784 | ---- | C] () -- C:\Program Files\Coder_2.dll
[2012.06.18 10:55:54 | 000,045,056 | ---- | C] () -- C:\Program Files\Coder_1.dll
[2012.06.18 10:55:51 | 000,000,007 | ---- | C] () -- C:\Program Files\ass_150e.aiv
[2012.02.14 11:47:49 | 000,001,025 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.02.14 11:47:49 | 000,000,160 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.02.14 11:47:22 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.14 11:47:22 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7820N.DAT
[2012.02.14 11:42:32 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012.02.14 11:42:31 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.02.14 11:42:31 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011.11.16 13:04:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.11.16 13:04:10 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.11.16 13:04:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.11.16 13:04:09 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.11.16 13:04:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.11.16 12:55:39 | 000,006,438 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========
[2012.06.18 10:59:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Deutsche Telekom AG
[2013.01.31 11:09:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Iminent
[2012.01.25 15:28:42 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Leadertech
[2012.09.12 12:06:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mactracker
[2012.08.24 11:07:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2012.01.25 15:30:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PCDr
[2012.01.25 15:31:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PwrMgr
[2012.05.22 16:00:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TeamViewer

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 27.06.2013 16:21:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peitz\Desktop\Virus
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,26% Memory free
7,82 Gb Paging File | 6,02 Gb Available in Paging File | 76,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,58 Gb Total Space | 397,52 Gb Free Space | 87,83% Space Free | Partition Type: NTFS
Drive Q: | 11,72 Gb Total Space | 1,87 Gb Free Space | 15,95% Space Free | Partition Type: NTFS
Computer Name: PEITZHAUSI | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019C3D07-63BB-4BEF-BB92-AA8BAE77A587}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0320AD0E-25CB-4974-971B-36CCD0873D52}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{15755F6E-544B-4509-8F63-2CED248425C9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{189956F4-675A-4F9C-B239-58DD136122DC}" = rport=137 | protocol=17 | dir=out | app=system |
"{1CC2F000-61BB-430F-A4CB-55B02CD48E30}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{22528AFA-A510-4DD1-A81C-C39C24126C6B}" = lport=138 | protocol=17 | dir=in | app=system |
"{28CF833D-FC5B-4296-A2CF-7212DBC8A6AF}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FD13F71-B5CE-4AA8-AA0A-55510A957269}" = rport=445 | protocol=6 | dir=out | app=system |
"{409D321E-F54E-4569-823C-D78AE76B30CE}" = lport=137 | protocol=17 | dir=in | app=system |
"{55778DD8-F63E-45F9-AF56-D4CDFC71AFF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{627705D5-EA0D-4D2A-A1E0-38B50BA3E25F}" = lport=139 | protocol=6 | dir=in | app=system |
"{6BB558D7-74C7-4099-9862-1FEAD694D0AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6E63790A-33E3-4B9D-AC81-EE5E927D08A2}" = rport=138 | protocol=17 | dir=out | app=system |
"{74A20741-478E-4D69-9DF2-EF823AD135BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{790A8CC2-C9D5-4D2B-9867-F5699307C18A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7B6202C7-9166-4C78-9380-550957BA231F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7F6BD209-169B-4BA0-9196-EAEE68DA0558}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8E4F4D39-4C99-40A3-89C9-2A8E41A1551F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9659A3CC-F1C5-4C28-ADD5-6457F5E3857C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B9616B8-5373-4AEB-8D83-2208ED9A6779}" = rport=139 | protocol=6 | dir=out | app=system |
"{AD81B638-3BB6-4215-BABF-E8F5954E2506}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C1E368F9-7F34-4187-A2CD-84ACD6D12203}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F46BD45B-5E7E-4688-9287-D591AF0379E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F5BC1E4-CCAD-4B11-AE9C-EB2CC19E4182}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1522BC7F-BCF2-4A88-81F9-7437F667BE8D}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{2736C9C2-7C86-4D16-905F-2554C1C6BE56}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CEB0CCD-3BA3-485F-B5CB-8E54D0C26397}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{36637283-840B-42AF-B624-B29B37C08310}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4D81BE44-43FC-4D64-9BC1-3661A1745C8B}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{5A7F8E4D-D13D-4F0F-AAC1-BAC59F71EE53}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5FE4426A-0196-4B8F-9E6E-286C983AD3CD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{84434705-CEBE-4477-9A89-98488BB5F918}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9BC8FA8B-4529-40F0-8889-DF3593E99B43}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{A9254B9F-D599-4C9F-93CA-284AE8A52B06}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B6043AB3-99A9-4A8F-A263-0BB0ACEC3AA1}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{B8F0C91B-2BBA-4C50-8770-57E7FF2AA29E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BA3B0DC4-98BF-429B-90B2-D84369928FE3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BD17B80A-BEE3-47A6-907F-AE3FDBDE04A7}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{C47B687B-2953-47D2-9FA6-01E23D8826E2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D8344FCB-1F6D-4E65-91F4-37A35CA2E002}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E79FA992-A172-4143-9393-4B2658E30821}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F01FC456-15E7-40C6-B82B-1A98BB44350B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F4E28B27-7D58-44DD-9D24-88A190A5341D}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock
"{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}" = Lenovo SimpleTap
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B" = Windows-Treiberpaket - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00)
"73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12" = Windows-Treiberpaket - Intel (iaStor) hdc (11/06/2010 10.1.0.1008)
"828B05D2B647CDAEA22493F7BFB96847265EE596" = Windows-Treiberpaket - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java(TM) 6 Update 37
"{2DBAD634-0032-42E8-8A04-B4CFC5062EB0}" = Iminent
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CC0E398-BF90-11D4-8E44-000102A1C932}" = Kunden Manager 68.50.652.0
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{656C56F0-7B3D-401E-BEC3-FFCC674ACB1F}" = Keyvi3
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
"{91A29166-4E1B-4664-B70B-4C4A3B6B3372}" = Lenovo Screen Reading Optimizer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}" = Integrated Camera TWAIN
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147
"{B64B2351-10AE-4890-9D5E-F9BDC292801D}_is1" = Dietrich's AG PlanCAD-L
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}" = Rescue and Recovery
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7820N
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome" = Google Chrome
"IMBoosterARP" = Iminent
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Lenovo Welcome_is1" = Lenovo Welcome
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"ProInst" = Intel PROSet Wireless
"RealVNC_is1" = VNC Free Edition 4.1.3
"USB DataLogger_is1" = 1.10
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.05.2013 01:52:24 | Computer Name = PeitzHausi | Source = WinMgmt | ID = 10
Description =

Error - 31.05.2013 01:56:34 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 31.05.2013 01:56:34 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 31.05.2013 01:56:34 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error - 31.05.2013 03:31:42 | Computer Name = PeitzHausi | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 31.05.2013 03:31:42 | Computer Name = PeitzHausi | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1030 Error - 31.05.2013 03:31:42 | Computer Name = PeitzHausi | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1030 Error - 31.05.2013 03:31:43 | Computer Name = PeitzHausi | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 31.05.2013 03:31:43 | Computer Name = PeitzHausi | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2028 Error - 31.05.2013 03:31:43 | Computer Name = PeitzHausi | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2028 [ Lenovo-Lenovo Patch Utility/Admin Events ] Error - 25.01.2012 09:29:27 | Computer Name = PeitzHausi | Source = Lenovo Patch Utility | ID = 2 Description = Can not grant access to Everyone: Manche oder 
alle Identitätsverweise konnten nicht übersetzt werden. Error - 25.01.2012 09:29:29 | Computer Name = PeitzHausi | Source = Lenovo Patch Utility | ID = 1 Description = HttpFileDownloader failed to download the file "hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml". Error message: Der Remoteserver hat einen Fehler zurückgegeben: (404) Nicht gefunden. [ Lenovo-Message Center Plus/Admin Events ] Error - 15.05.2013 04:33:50 | Computer Name = PeitzHausi | Source = Lenovo-Message Center Plus/Admin | ID = 2 Description = Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. -> Exception message: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. [ System Events ] Error - 12.12.2012 05:48:40 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.141.1580.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9002.0 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
Error - 12.12.2012 07:41:50 | Computer Name = PeitzHausi | Source = DCOM | ID = 10010 Description = Error - 19.12.2012 02:27:19 | Computer Name = PeitzHausi | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147014847 Error - 09.01.2013 10:49:35 | Computer Name = PeitzHausi | Source = DCOM | ID = 10010 Description = Error - 10.01.2013 02:17:04 | Computer Name = PeitzHausi | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error - 10.01.2013 02:25:02 | Computer Name = PeitzHausi | Source = Service Control Manager | ID = 7030 Description = Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error - 16.01.2013 04:51:45 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.141.3926.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%853 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9002.0 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. Error - 16.01.2013 04:51:45 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.141.3926.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%853 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9002.0 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. Error - 23.01.2013 10:29:43 | Computer Name = PeitzHausi | Source = DCOM | ID = 10010 Description = Error - 23.01.2013 10:29:46 | Computer Name = PeitzHausi | Source = DCOM | ID = 10010 Description = < End of report >
Thank you in advance for your help |
27.06.2013, 16:05 | #2 |
/// Helper Team | Iminent program cannot be uninstalled
Please download AdwCleaner to your desktop.
then: Please close your security software to avoid possible conflicts.
__________________ |
03.07.2013, 10:52 | #3 |
| Iminent program cannot be uninstalled
Here are both files for further use:
Code:
ATTFilter # AdwCleaner v2.303 - Datei am 03/07/2013 um 11:20:35 erstellt # Aktualisiert am 08/06/2013 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzer : Administrator - PEITZHAUSI # Bootmodus : Normal # Ausgeführt unter : C:\Users\Peitz\Desktop\Virus\adwcleaner.exe # Option [Löschen] **** [Dienste] **** Gestoppt & Gelöscht : SProtection ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js Datei Gelöscht : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\62qg19cl.default\searchplugins\Askcom.xml Gelöscht mit Neustart : C:\Program Files (x86)\Iminent Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella Ordner Gelöscht : C:\ProgramData\Ask Ordner Gelöscht : C:\ProgramData\Iminent Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\Users\ADMINI~1\AppData\Local\Temp\Iminent Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\Iminent Ordner Gelöscht : C:\Users\Peitz\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Peitz\AppData\Roaming\Iminent ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Iminent Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs Schlüssel 
Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult 
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1 Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\436DABD223008E24A8404BFC5C60E20B Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\436DABD223008E24A8404BFC5C60E20B Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Schlüssel Gelöscht : HKLM\Software\Umbrella Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0} 
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63} 
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F} 
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DBAD634-0032-42E8-8A04-B4CFC5062EB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Schlüssel Gelöscht : 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16490 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v14.0.1 (de) Datei : C:\Users\Peitz\AppData\Roaming\Mozilla\Firefox\Profiles\0o2fub7k.default\prefs.js Gelöscht : user_pref("browser.search.defaultengine", "Ask.com"); Gelöscht : user_pref("browser.search.order.1", "Ask.com"); Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...] Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\62qg19cl.default\prefs.js Gelöscht : user_pref("browser.search.order.1", "Ask.com"); Gelöscht : user_pref("extensions.toolbar@ask.com.install-event-fired", true); -\\ Google Chrome v12.0.742.112 Datei : C:\Users\Peitz\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. Datei : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [23853 octets] - [03/07/2013 11:20:35] ########## EOF - \AdwCleaner[S1].txt - [23914 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Professional x64 Ran by Administrator on 03.07.2013 at 11:36:39,50 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A106E6AE-B359-4A24-9794-AA5C61DF3B03} ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 03.07.2013 at 11:40:43,55 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks again for the help |
03.07.2013, 14:44 | #4 |
/// Helper Team | Iminent program cannot be uninstalled
Does the problem still exist? System scan with OTL (illustrated guide) Please download OTL by Oldtimer and save it to your desktop (if not already present) - Double-click OTL.exe
|
04.09.2013, 10:02 | #5 |
| Iminent program cannot be uninstalled
Here are the two log files: Code:
ATTFilter OTL Extras logfile created on: 04.09.2013 10:49:44 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peitz\Desktop\Virus 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,19% Memory free 7,82 Gb Paging File | 5,84 Gb Available in Paging File | 74,58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,58 Gb Total Space | 397,45 Gb Free Space | 87,82% Space Free | Partition Type: NTFS Drive Q: | 11,72 Gb Total Space | 1,87 Gb Free Space | 15,95% Space Free | Partition Type: NTFS Computer Name: PEITZHAUSI | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2709154191-1208877422-289750601-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{019C3D07-63BB-4BEF-BB92-AA8BAE77A587}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0320AD0E-25CB-4974-971B-36CCD0873D52}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{15755F6E-544B-4509-8F63-2CED248425C9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe 
| "{189956F4-675A-4F9C-B239-58DD136122DC}" = rport=137 | protocol=17 | dir=out | app=system | "{1CC2F000-61BB-430F-A4CB-55B02CD48E30}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{22528AFA-A510-4DD1-A81C-C39C24126C6B}" = lport=138 | protocol=17 | dir=in | app=system | "{28CF833D-FC5B-4296-A2CF-7212DBC8A6AF}" = lport=445 | protocol=6 | dir=in | app=system | "{2FD13F71-B5CE-4AA8-AA0A-55510A957269}" = rport=445 | protocol=6 | dir=out | app=system | "{409D321E-F54E-4569-823C-D78AE76B30CE}" = lport=137 | protocol=17 | dir=in | app=system | "{55778DD8-F63E-45F9-AF56-D4CDFC71AFF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{627705D5-EA0D-4D2A-A1E0-38B50BA3E25F}" = lport=139 | protocol=6 | dir=in | app=system | "{6BB558D7-74C7-4099-9862-1FEAD694D0AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{6E63790A-33E3-4B9D-AC81-EE5E927D08A2}" = rport=138 | protocol=17 | dir=out | app=system | "{74A20741-478E-4D69-9DF2-EF823AD135BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{790A8CC2-C9D5-4D2B-9867-F5699307C18A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{7B6202C7-9166-4C78-9380-550957BA231F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{7F6BD209-169B-4BA0-9196-EAEE68DA0558}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{8E4F4D39-4C99-40A3-89C9-2A8E41A1551F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{9659A3CC-F1C5-4C28-ADD5-6457F5E3857C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9B9616B8-5373-4AEB-8D83-2208ED9A6779}" = rport=139 | protocol=6 | dir=out | app=system | "{AD81B638-3BB6-4215-BABF-E8F5954E2506}" = rport=5355 | protocol=17 | dir=out | 
svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C1E368F9-7F34-4187-A2CD-84ACD6D12203}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{F46BD45B-5E7E-4688-9287-D591AF0379E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F5BC1E4-CCAD-4B11-AE9C-EB2CC19E4182}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{1522BC7F-BCF2-4A88-81F9-7437F667BE8D}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{2736C9C2-7C86-4D16-905F-2554C1C6BE56}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{2CEB0CCD-3BA3-485F-B5CB-8E54D0C26397}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{36637283-840B-42AF-B624-B29B37C08310}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{4D81BE44-43FC-4D64-9BC1-3661A1745C8B}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe | "{5A7F8E4D-D13D-4F0F-AAC1-BAC59F71EE53}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5FE4426A-0196-4B8F-9E6E-286C983AD3CD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8D95C748-58DD-4F80-B037-16969F47A73E}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | "{9505BCA6-7BAA-4F2D-8A48-0C58C9E127DE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{A9254B9F-D599-4C9F-93CA-284AE8A52B06}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{B6043AB3-99A9-4A8F-A263-0BB0ACEC3AA1}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe | "{B8F0C91B-2BBA-4C50-8770-57E7FF2AA29E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BA3B0DC4-98BF-429B-90B2-D84369928FE3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BD17B80A-BEE3-47A6-907F-AE3FDBDE04A7}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{C47B687B-2953-47D2-9FA6-01E23D8826E2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{D8344FCB-1F6D-4E65-91F4-37A35CA2E002}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E431A956-94AA-427B-B033-44406F343EA7}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | "{E79FA992-A172-4143-9393-4B2658E30821}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{F01FC456-15E7-40C6-B82B-1A98BB44350B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64) "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud "{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock "{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}" = Lenovo SimpleTap "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B" = Windows-Treiberpaket - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00) "73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12" = Windows-Treiberpaket - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) 
"828B05D2B647CDAEA22493F7BFB96847265EE596" = Windows-Treiberpaket - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) "CNXT_AUDIO_HDA" = Conexant HD Audio "DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) "DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 "EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 "LENOVO.SMIIF" = Lenovo System Interface Driver "LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "OnScreenDisplay" = Anzeige am Bildschirm "PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox "Power Management Driver" = ThinkPad Power Management Driver "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = ThinkPad UltraNav Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility "{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update "{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java(TM) 6 Update 37 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater 
"{4CC0E398-BF90-11D4-8E44-000102A1C932}" = Kunden Manager 68.50.652.0 "{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media "{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7 "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{656C56F0-7B3D-401E-BEC3-FFCC674ACB1F}" = Keyvi3 "{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections "{91A29166-4E1B-4664-B70B-4C4A3B6B3372}" = Lenovo Screen Reading Optimizer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}" = Integrated Camera TWAIN "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer 
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147 "{B64B2351-10AE-4890-9D5E-F9BDC292801D}_is1" = Dietrich's AG PlanCAD-L "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX "{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}" = Rescue and Recovery "{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0 "{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7820N "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics 
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus "{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information "{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Google Chrome" = Google Chrome "InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition "InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition "InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder "Lenovo Welcome_is1" = Lenovo Welcome "ProInst" = Intel PROSet Wireless "RealVNC_is1" = VNC Free Edition 4.1.3 "USB DataLogger_is1" = 1.10 "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2709154191-1208877422-289750601-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater "CopyTrans Suite" = Nur Entfernen der CopyTrans Suite möglich ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 03.09.2013 01:25:15 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Error - 03.09.2013 01:25:15 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error - 04.09.2013 01:01:50 | Computer Name = PeitzHausi | Source = WinMgmt | ID = 10 Description = Error - 04.09.2013 01:03:11 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 04.09.2013 01:03:11 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 04.09.2013 01:03:11 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. 
Error - 04.09.2013 01:05:43 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 04.09.2013 01:05:43 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 04.09.2013 01:05:43 | Computer Name = PeitzHausi | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error - 04.09.2013 02:02:25 | Computer Name = PeitzHausi | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll" in Zeile 0. Ungültige XML-Syntax. [ Lenovo-Lenovo Patch Utility/Admin Events ] Error - 25.01.2012 09:29:27 | Computer Name = PeitzHausi | Source = Lenovo Patch Utility | ID = 2 Description = Can not grant access to Everyone: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. 
Error - 25.01.2012 09:29:29 | Computer Name = PeitzHausi | Source = Lenovo Patch Utility | ID = 1 Description = HttpFileDownloader failed to download the file "hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml". Error message: Der Remoteserver hat einen Fehler zurückgegeben: (404) Nicht gefunden. [ Lenovo-Message Center Plus/Admin Events ] Error - 15.05.2013 04:33:50 | Computer Name = PeitzHausi | Source = Lenovo-Message Center Plus/Admin | ID = 2 Description = Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. -> Exception message: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. [ System Events ] Error - 30.07.2013 01:31:15 | Computer Name = PeitzHausi | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2835361) Error - 05.08.2013 09:14:36 | Computer Name = PeitzHausi | Source = DCOM | ID = 10005 Description = Error - 05.08.2013 09:14:36 | Computer Name = PeitzHausi | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error - 13.08.2013 00:53:23 | Computer Name = PeitzHausi | Source = Service Control Manager | ID = 7043 Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error - 20.08.2013 08:27:25 | Computer Name = PeitzHausi | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error - 20.08.2013 08:27:25 | Computer Name = PeitzHausi | Source = DCOM | ID = 10005 Description = Error - 26.08.2013 01:17:33 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.157.229.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9800.0 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Error - 26.08.2013 03:27:31 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.157.229.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9800.0 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Error - 26.08.2013 04:10:39 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.157.229.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9800.0 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Error - 26.08.2013 05:54:06 | Computer Name = PeitzHausi | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.157.229.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9800.0 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". < End of report > Code:
OTL logfile created on: 04.09.2013 10:49:43 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peitz\Desktop\Virus 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,19% Memory free 7,82 Gb Paging File | 5,84 Gb Available in Paging File | 74,58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,58 Gb Total Space | 397,45 Gb Free Space | 87,82% Space Free | Partition Type: NTFS Drive Q: | 11,72 Gb Total Space | 1,87 Gb Free Space | 15,95% Space Free | Partition Type: NTFS Computer Name: PEITZHAUSI | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Peitz\Desktop\Virus\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Google Inc.) 
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo) PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo) PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) PRC - C:\Programme\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe (Lenovo Group Limited) PRC - C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation) PRC - C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Windows\SysWOW64\SASrv.exe (Conexant Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) 
PRC - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe ()
PRC - C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Lenovo\AutoLock\cv210.dll ()
MOD - C:\Programme\Lenovo\AutoLock\cxcore210.dll ()
MOD - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.)
SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SUService) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (AcSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (SROSVC) -- C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe (Lenovo Group Limited)
SRV - (PwmEWSvc) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE (Lenovo Group Limited)
SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (LENOVO.TPKNRSVC) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
SRV - (LENOVO.CAMMUTE) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
SRV - (VIPAppService) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
SRV - (Lenovo.VIRTSCRLSVC) -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (HyperW7Svc) -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe (Lenovo Group Limited)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (SAService) -- C:\Windows\SysWOW64\SASrv.exe (Conexant Systems, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WinVNC4) -- C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS (Lenovo Group Limited)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TVTI2C) -- C:\Windows\SysNative\drivers\tvti2c.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (risdxc) -- C:\Windows\SysNative\drivers\risdxc64.sys (REDC)
DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.)
DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (5U877) -- C:\Windows\SysNative\drivers\5U877.sys (Ricoh co.,Ltd.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (lenovo.smi) -- C:\Windows\SysNative\drivers\smiifx64.sys (Lenovo Group Limited)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (PHCORE) -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys (Lenovo Group Limited)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE468
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE468
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2709154191-1208877422-289750601-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.02.01 12:00:54 | 000,000,000 | ---D | M]

[2013.07.03 11:24:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.23 07:30:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012.11.21 12:23:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2709154191-1208877422-289750601-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2709154191-1208877422-289750601-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Programme\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Programme\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2709154191-1208877422-289750601-1000..\Run: [LTT] C:\Programme\PC-Doctor\EnableToolbarW32.exe (PC-Doctor, Inc.)
O4 - HKU\S-1-5-21-2709154191-1208877422-289750601-1000..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe File not found
O4 - HKU\S-1-5-21-2709154191-1208877422-289750601-500..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Peitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Peitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2709154191-1208877422-289750601-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.16.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7289B41E-F30B-426A-BF99-FAC432A663E7}: DhcpNameServer = 10.16.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7451574F-2AB0-41F0-8E3B-72C333478F94}: DhcpNameServer = 10.16.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{e09a05c6-103f-11e1-94f9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e09a05c6-103f-11e1-94f9-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 23:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.08.14 14:53:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.08.14 14:53:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.08.14 14:53:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.08.14 14:53:21 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.08.14 14:53:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.08.14 14:53:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.08.14 14:53:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.08.14 14:53:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.08.14 14:53:21 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.08.14 14:53:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.08.14 14:53:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.08.14 14:53:18 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.08.14 14:53:18 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.08.14 14:53:18 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.08.14 14:53:17 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.08.14 07:05:44 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.08.14 07:05:43 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.08.14 07:05:41 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.08.14 07:05:13 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.08.14 07:05:12 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.08.14 07:05:11 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.08.14 07:05:10 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.08.14 07:05:09 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.08.14 07:05:09 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.08.14 07:05:08 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.08.14 07:05:08 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.08.14 07:05:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.08.14 07:05:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.08.14 07:05:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.08.14 07:05:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.08.14 07:05:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.08.12 11:41:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.08.12 11:41:23 | 000,000,000 | ---D | C] -- C:\47492c4c666f1d827659a3f940982349
[2012.06.18 10:56:10 | 000,733,344 | ---- | C] (Microsoft Corporation) -- C:\Program Files\HHUpd.Exe
[2012.06.18 10:56:01 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2012.06.18 10:56:01 | 000,557,056 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\TEXTKD.dll
[2012.06.18 10:56:01 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp71.dll
[2012.06.18 10:56:01 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr71.dll
[2012.06.18 10:56:01 | 000,299,008 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\proxytrap.dll
[2012.06.18 10:56:00 | 001,638,400 | ---- | C] (Siemens AG) -- C:\Program Files\CLCAPI.dll
[2012.06.18 10:56:00 | 001,474,604 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\TCheckLic.dll
[2012.06.18 10:55:59 | 000,618,496 | ---- | C] (Apache Software Foundation) -- C:\Program Files\xerces12.dll
[2012.06.18 10:55:59 | 000,561,152 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Texd22.dll
[2012.06.18 10:55:59 | 000,225,326 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\TCheckReg.dll
[2012.06.18 10:55:59 | 000,122,925 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Compress.dll
[2012.06.18 10:55:58 | 009,699,373 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Ass_150e.exe
[2012.06.18 10:55:58 | 008,552,448 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Tbitmap.dll
[2012.06.18 10:55:58 | 000,843,776 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Tres3001.dll
[2012.06.18 10:55:58 | 000,360,492 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Tcomm32.dll
[2012.06.18 10:55:57 | 001,351,724 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\AssCkds.dll
[2012.06.18 10:55:57 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mfc42.dll
[2012.06.18 10:55:57 | 000,947,712 | ---- | C] (Siemens Enterprise Communications GmbH & Co. KG) -- C:\Program Files\mdfprint.dll
[2012.06.18 10:55:57 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcrt.dll
[2012.06.18 10:55:57 | 000,026,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ctl3d.dll
[2012.06.18 10:55:56 | 000,294,957 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6005.dll
[2012.06.18 10:55:56 | 000,294,957 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6004.dll
[2012.06.18 10:55:56 | 000,294,957 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6003.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6806.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6805.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6804.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6406.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6405.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6404.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6403.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6206.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6205.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6204.dll
[2012.06.18 10:55:56 | 000,290,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form6203.dll
[2012.06.18 10:55:56 | 000,286,765 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5804.dll
[2012.06.18 10:55:56 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5803.dll
[2012.06.18 10:55:56 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5802.dll
[2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5801.dll
[2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5314.dll
[2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5313.dll
[2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5312.dll
[2012.06.18 10:55:55 | 000,282,669 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5311.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5204.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5203.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5202.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5201.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5114.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5113.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5112.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5111.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5104.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5103.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5102.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5101.dll
[2012.06.18 10:55:55 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5004.dll
[2012.06.18 10:55:54 | 001,028,141 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6805.dll
[2012.06.18 10:55:54 | 001,019,949 | ---- | C] (Siemens Enterprise Communication GmbH & Co.
KG) -- C:\Program Files\accs6405.dll [2012.06.18 10:55:54 | 000,978,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6806.dll [2012.06.18 10:55:54 | 000,970,797 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6804.dll [2012.06.18 10:55:54 | 000,966,701 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6406.dll [2012.06.18 10:55:54 | 000,962,605 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6404.dll [2012.06.18 10:55:54 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5002.dll [2012.06.18 10:55:54 | 000,270,381 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5001.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\form5003.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4304.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4302.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4301.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4204.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4202.dll [2012.06.18 10:55:54 | 000,262,189 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4201.dll [2012.06.18 10:55:54 | 000,258,093 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4303.dll [2012.06.18 10:55:54 | 000,253,997 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\Form4203.dll [2012.06.18 10:55:54 | 000,241,709 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form3001.dll [2012.06.18 10:55:54 | 000,225,280 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM4002.dll [2012.06.18 10:55:54 | 000,225,280 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Form4001.dll [2012.06.18 10:55:54 | 000,225,280 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM3002.dll [2012.06.18 10:55:54 | 000,221,184 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM4003.dll [2012.06.18 10:55:54 | 000,221,184 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\FORM3003.dll [2012.06.18 10:55:53 | 000,970,797 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6205.dll [2012.06.18 10:55:53 | 000,970,797 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6005.dll [2012.06.18 10:55:53 | 000,917,549 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6206.dll [2012.06.18 10:55:53 | 000,913,453 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6204.dll [2012.06.18 10:55:53 | 000,913,453 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6004.dll [2012.06.18 10:55:53 | 000,835,629 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6403.dll [2012.06.18 10:55:53 | 000,802,861 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6003.dll [2012.06.18 10:55:53 | 000,798,765 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs6203.dll [2012.06.18 10:55:53 | 000,643,117 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\accs5802.dll [2012.06.18 10:55:53 | 000,643,117 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5312.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5804.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5801.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5314.dll [2012.06.18 10:55:53 | 000,639,021 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5311.dll [2012.06.18 10:55:53 | 000,614,445 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5803.dll [2012.06.18 10:55:53 | 000,614,445 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5313.dll [2012.06.18 10:55:53 | 000,512,045 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5204.dll [2012.06.18 10:55:53 | 000,487,469 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5203.dll [2012.06.18 10:55:52 | 000,585,773 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5112.dll [2012.06.18 10:55:52 | 000,581,677 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5114.dll [2012.06.18 10:55:52 | 000,581,677 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5111.dll [2012.06.18 10:55:52 | 000,565,293 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5113.dll [2012.06.18 10:55:52 | 000,557,101 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5104.dll [2012.06.18 10:55:52 | 000,557,101 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\accs5101.dll [2012.06.18 10:55:52 | 000,548,909 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5102.dll [2012.06.18 10:55:52 | 000,536,621 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\accs5103.dll [2012.06.18 10:55:52 | 000,512,045 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5201.dll [2012.06.18 10:55:52 | 000,503,853 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5202.dll [2012.06.18 10:55:52 | 000,491,565 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5004.dll [2012.06.18 10:55:52 | 000,491,565 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5001.dll [2012.06.18 10:55:52 | 000,487,469 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5002.dll [2012.06.18 10:55:52 | 000,471,085 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs5003.dll [2012.06.18 10:55:52 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4304.dll [2012.06.18 10:55:52 | 000,462,893 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4302.dll [2012.06.18 10:55:52 | 000,446,509 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4303.dll [2012.06.18 10:55:51 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4301.dll [2012.06.18 10:55:51 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4204.dll [2012.06.18 10:55:51 | 000,466,989 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4201.dll [2012.06.18 10:55:51 | 000,462,893 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\ACCS4202.dll [2012.06.18 10:55:51 | 000,446,509 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4203.dll [2012.06.18 10:55:51 | 000,405,549 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs4001.dll [2012.06.18 10:55:51 | 000,401,453 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4002.dll [2012.06.18 10:55:51 | 000,385,069 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\ACCS4003.dll [2012.06.18 10:55:51 | 000,372,781 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs3001.dll [2012.06.18 10:55:51 | 000,368,685 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs3002.dll [2012.06.18 10:55:51 | 000,360,493 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\Accs3003.dll [2012.06.18 10:55:51 | 000,213,037 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\tebrantk.dll [2012.06.18 10:55:51 | 000,213,037 | ---- | C] (Siemens Enterprise Communication GmbH & Co. KG) -- C:\Program Files\tebransi.dll [2012.06.18 10:55:51 | 000,213,037 | ---- | C] (Siemens Enterprise Communication GmbH & Co. 
KG) -- C:\Program Files\tebranft.dll ========== Files - Modified Within 30 Days ========== [2013.09.04 10:46:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2013.09.04 10:43:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.09.04 10:43:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2013.09.04 10:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.09.04 09:27:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.09.04 07:43:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.09.04 07:09:25 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.09.04 07:09:25 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.09.04 07:05:46 | 007,579,882 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.09.04 07:05:46 | 002,731,710 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.09.04 07:05:46 | 002,352,906 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.09.04 07:05:46 | 002,109,162 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.09.04 07:05:46 | 000,006,252 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.09.04 07:01:06 | 3151,417,344 | -HS- | M] () -- C:\hiberfil.sys [2013.08.21 10:03:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.08.21 10:03:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2013.06.27 16:16:55 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\defogger_reenable [2012.06.18 10:56:13 | 000,012,697 | ---- | C] () -- C:\Windows\ASS_150E.INI [2012.06.18 10:56:11 | 000,048,784 | ---- | C] 
() -- C:\Program Files\octo.mib [2012.06.18 10:56:11 | 000,041,922 | ---- | C] () -- C:\Program Files\KDS6804.BIN [2012.06.18 10:56:11 | 000,041,604 | ---- | C] () -- C:\Program Files\KDS6404.BIN [2012.06.18 10:56:11 | 000,041,241 | ---- | C] () -- C:\Program Files\KDS6004.BIN [2012.06.18 10:56:11 | 000,041,235 | ---- | C] () -- C:\Program Files\KDS6204.BIN [2012.06.18 10:56:11 | 000,033,750 | ---- | C] () -- C:\Program Files\KDS6806.BIN [2012.06.18 10:56:11 | 000,033,432 | ---- | C] () -- C:\Program Files\KDS6406.BIN [2012.06.18 10:56:11 | 000,033,060 | ---- | C] () -- C:\Program Files\KDS6206.BIN [2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5804.BIN [2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5801.BIN [2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5314.BIN [2012.06.18 10:56:11 | 000,030,681 | ---- | C] () -- C:\Program Files\KDS5311.BIN [2012.06.18 10:56:11 | 000,026,901 | ---- | C] () -- C:\Program Files\KDS5802.BIN [2012.06.18 10:56:11 | 000,026,901 | ---- | C] () -- C:\Program Files\KDS5312.BIN [2012.06.18 10:56:11 | 000,024,717 | ---- | C] () -- C:\Program Files\KDS5104.BIN [2012.06.18 10:56:11 | 000,024,717 | ---- | C] () -- C:\Program Files\KDS5101.BIN [2012.06.18 10:56:11 | 000,024,141 | ---- | C] () -- C:\Program Files\KDS5114.BIN [2012.06.18 10:56:11 | 000,024,141 | ---- | C] () -- C:\Program Files\KDS5111.BIN [2012.06.18 10:56:11 | 000,023,976 | ---- | C] () -- C:\Program Files\KDS6403.BIN [2012.06.18 10:56:11 | 000,023,961 | ---- | C] () -- C:\Program Files\KDS6003.BIN [2012.06.18 10:56:11 | 000,023,955 | ---- | C] () -- C:\Program Files\KDS6203.BIN [2012.06.18 10:56:11 | 000,022,434 | ---- | C] () -- C:\Program Files\KDS5204.BIN [2012.06.18 10:56:11 | 000,022,434 | ---- | C] () -- C:\Program Files\KDS5201.BIN [2012.06.18 10:56:11 | 000,021,849 | ---- | C] () -- C:\Program Files\KDS5112.BIN [2012.06.18 10:56:11 | 000,021,840 | ---- | C] () -- C:\Program Files\KDS5102.BIN 
[2012.06.18 10:56:11 | 000,021,834 | ---- | C] () -- C:\Program Files\KDS5202.BIN [2012.06.18 10:56:11 | 000,021,693 | ---- | C] () -- C:\Program Files\KDS5004.BIN [2012.06.18 10:56:11 | 000,021,693 | ---- | C] () -- C:\Program Files\KDS5001.BIN [2012.06.18 10:56:11 | 000,021,642 | ---- | C] () -- C:\Program Files\KDS4304.BIN [2012.06.18 10:56:11 | 000,021,642 | ---- | C] () -- C:\Program Files\KDS4301.BIN [2012.06.18 10:56:11 | 000,021,618 | ---- | C] () -- C:\Program Files\KDS4204.BIN [2012.06.18 10:56:11 | 000,021,618 | ---- | C] () -- C:\Program Files\KDS4201.BIN [2012.06.18 10:56:11 | 000,021,438 | ---- | C] () -- C:\Program Files\KDS4001.BIN [2012.06.18 10:56:11 | 000,021,336 | ---- | C] () -- C:\Program Files\KDS3001.BIN [2012.06.18 10:56:11 | 000,021,093 | ---- | C] () -- C:\Program Files\KDS5002.BIN [2012.06.18 10:56:11 | 000,021,042 | ---- | C] () -- C:\Program Files\KDS4302.BIN [2012.06.18 10:56:11 | 000,021,018 | ---- | C] () -- C:\Program Files\KDS4202.BIN [2012.06.18 10:56:11 | 000,020,838 | ---- | C] () -- C:\Program Files\KDS4002.BIN [2012.06.18 10:56:11 | 000,020,736 | ---- | C] () -- C:\Program Files\KDS3002.BIN [2012.06.18 10:56:11 | 000,019,017 | ---- | C] () -- C:\Program Files\KDS5803.BIN [2012.06.18 10:56:11 | 000,019,017 | ---- | C] () -- C:\Program Files\KDS5313.BIN [2012.06.18 10:56:11 | 000,016,989 | ---- | C] () -- C:\Program Files\KDS5113.BIN [2012.06.18 10:56:11 | 000,016,980 | ---- | C] () -- C:\Program Files\KDS5103.BIN [2012.06.18 10:56:11 | 000,016,974 | ---- | C] () -- C:\Program Files\KDS5203.BIN [2012.06.18 10:56:11 | 000,016,713 | ---- | C] () -- C:\Program Files\KDS5003.BIN [2012.06.18 10:56:11 | 000,016,662 | ---- | C] () -- C:\Program Files\KDS4303.BIN [2012.06.18 10:56:11 | 000,016,638 | ---- | C] () -- C:\Program Files\KDS4203.BIN [2012.06.18 10:56:11 | 000,016,458 | ---- | C] () -- C:\Program Files\KDS4003.BIN [2012.06.18 10:56:11 | 000,016,356 | ---- | C] () -- C:\Program Files\KDS3003.BIN [2012.06.18 10:56:11 | 
000,006,984 | ---- | C] () -- C:\Program Files\managerc4inv.xml [2012.06.18 10:56:03 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_usa.dll [2012.06.18 10:56:02 | 001,413,120 | ---- | C] () -- C:\Program Files\text_all.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_tsc.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_swe.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_srl.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_src.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_spa.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_slw.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_slo.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_rus.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_rom.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_por.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_pol.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_ndl.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_mkd.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_lit.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_let.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_kat.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_itl.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_hun.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_gre.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_fra.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_fin.dll [2012.06.18 10:56:02 | 
000,090,112 | ---- | C] () -- C:\Program Files\Text_est.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_dan.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_cro.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_brd.dll [2012.06.18 10:56:02 | 000,090,112 | ---- | C] () -- C:\Program Files\Text_bgr.dll [2012.06.18 10:56:02 | 000,086,016 | ---- | C] () -- C:\Program Files\Text_tur.dll [2012.06.18 10:56:02 | 000,086,016 | ---- | C] () -- C:\Program Files\Text_nor.dll [2012.06.18 10:56:02 | 000,086,016 | ---- | C] () -- C:\Program Files\Text_gbr.dll [2012.06.18 10:56:02 | 000,081,920 | ---- | C] () -- C:\Program Files\Text_chn.dll [2012.06.18 10:56:01 | 000,131,072 | ---- | C] () -- C:\Program Files\REV_D.dll [2012.06.18 10:56:01 | 000,045,056 | ---- | C] () -- C:\Program Files\StatViewRes.dll [2012.06.18 10:55:59 | 000,077,868 | ---- | C] () -- C:\Program Files\pingsk2.dll [2012.06.18 10:55:57 | 000,299,051 | ---- | C] () -- C:\Program Files\comspy.dll [2012.06.18 10:55:57 | 000,217,088 | ---- | C] () -- C:\Program Files\widge32.dll [2012.06.18 10:55:57 | 000,110,653 | ---- | C] () -- C:\Program Files\ISDNTRA.EXE [2012.06.18 10:55:57 | 000,006,546 | ---- | C] () -- C:\Program Files\FINDCOMP.ANI [2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgTHA.xml [2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgSGP.xml [2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgSAF.xml [2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgRP.xml [2012.06.18 10:55:57 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgRA.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgUKR.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgTUR.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgTSC.xml [2012.06.18 
10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgSPA.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgSCH.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgRUS.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgPOR.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgPOL.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgPAK.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgOES.xml [2012.06.18 10:55:57 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgNOR.xml [2012.06.18 10:55:56 | 001,149,287 | ---- | C] () -- C:\Program Files\k_sample.kds [2012.06.18 10:55:56 | 000,012,697 | ---- | C] () -- C:\Program Files\ass_150e.ini [2012.06.18 10:55:56 | 000,001,476 | ---- | C] () -- C:\Program Files\RNAssCfgFRA.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgUSA.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgMAL.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgINT.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgIND.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgHGK.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgCHI.xml [2012.06.18 10:55:56 | 000,001,448 | ---- | C] () -- C:\Program Files\RNAssCfgBRA.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgWRU.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgNDL.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgKOR.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgITA.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgIRL.xml [2012.06.18 10:55:56 | 000,001,432 | 
---- | C] () -- C:\Program Files\RNAssCfgHUN.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgGRE.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgGBR.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgFIN.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgDAN.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgCH.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgBRD.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgBEL.xml [2012.06.18 10:55:56 | 000,001,432 | ---- | C] () -- C:\Program Files\RNAssCfgAUS.xml [2012.06.18 10:55:54 | 000,208,896 | ---- | C] () -- C:\Program Files\hascoder.dll [2012.06.18 10:55:54 | 000,180,224 | ---- | C] () -- C:\Program Files\hasdecoder.dll [2012.06.18 10:55:54 | 000,118,784 | ---- | C] () -- C:\Program Files\Coder_2.dll [2012.06.18 10:55:54 | 000,045,056 | ---- | C] () -- C:\Program Files\Coder_1.dll [2012.06.18 10:55:51 | 000,000,007 | ---- | C] () -- C:\Program Files\ass_150e.aiv [2012.02.14 11:47:49 | 000,001,025 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2012.02.14 11:47:49 | 000,000,160 | ---- | C] () -- C:\Windows\brpcfx.ini [2012.02.14 11:47:22 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.02.14 11:47:22 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7820N.DAT [2012.02.14 11:42:32 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2012.02.14 11:42:31 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2012.02.14 11:42:31 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2011.11.16 13:04:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.11.16 13:04:10 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.11.16 13:04:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.11.16 13:04:09 | 013,903,872 | 
---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.11.16 13:04:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.11.16 12:55:39 | 000,006,438 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) 
"ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
04.09.2013, 10:04 | #6 |
| Iminent program cannot be uninstalled Thanks for the further help |
09.09.2013, 15:28 | #7 |
/// Helper Team | Iminent program cannot be uninstalled Does the problem still exist? Delete AdwCleaner and download it again: Please download AdwCleaner to your desktop.
|