| |
| |||||||
Log-Analyse und Auswertung: AV Security Suite - Nach Entfernung öffnen sich in Firefox ungewünschte TabsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
12.07.2010, 11:43
| #1 |
 |  AV Security Suite - Nach Entfernung öffnen sich in Firefox ungewünschte Tabs Hallo Zusammen, ich habe mir AV Security Suite eingefangen und mit nach der Anleitung hier im Forum (h**p://www.trojaner-board.de/86690-av-security-suite-entfernen.html -- DANKE!) entfernt. Avira und CCleaner finden jetzt keine infizierten Dateien mehr. Dennoch öffnen sich seither unerwünschte Tabs in Firefox, ohne dass ich irgendwo geklickt hätte. Diese Seiten enthalten zum Teil Suchbegriffe, die ich zuvor in Google eingegeben hatte. Nun bin ich freilich um die Sicherheit meines Computers besorgt. Könnt ihr helfen? Vielen Dank!! Hier die Logdatei von CCleaner und von HijackThis: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4300 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 12.07.2010 09:59:40 mbam-log-2010-07-12 (09-59-40).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 204960 Laufzeit: 53 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) HIJACKTHIS Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:36:50, on 12.07.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Intel\Wireless\Bin\EvtEng.exe C:\Programme\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe C:\Programme\ThinkPad\Utilities\DOZESVC.EXE C:\WINDOWS\System32\svchost.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe c:\programme\lenovo\system update\suservice.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Programme\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\Programme\Synaptics\SynTP\SynTPLpr.exe C:\WINDOWS\system32\TpShocks.exe C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe C:\Programme\Lenovo\HOTKEY\TPONSCR.exe C:\Programme\Lenovo\Zoom\TpScrex.exe C:\Programme\Analog Devices\Core\smax4pnp.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe C:\Programme\Lenovo\AwayTask\AwaySch.EXE C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\Programme\Lenovo\HOTKEY\TPFNF6R.exe C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Programme\FreePDF_XP\fpassist.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe C:\Programme\Skype\Phone\Skype.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Programme\Gemeinsame Dateien\Nikon\Monitor\NkMonitor.exe C:\Programme\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\RSIT.exe C:\Programme\trend micro\***.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = h**p=127.0.0.1:5577 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Programme\Lenovo\HOTKEY\TPFNF6R.exe O4 - HKLM\..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Nikon Monitor.lnk = C:\Programme\Gemeinsame Dateien\Nikon\Monitor\NkMonitor.exe O8 - Extra context menu item: &Citavi Picker... - file://C:\Programme\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=h**p://www.lenovo.com/welcome/thinkpad O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262436761625 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Programme\Lenovo\AwayTask\AwayNotify.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Programme\ThinkPad\Utilities\DOZESVC.EXE O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IPS-Basisservice (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Programme\LENOVO\HOTKEY\MICMUTE.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programme\OpenVPN\bin\openvpnserv.exe O23 - Service: Power Manager DBC Service - Unknown owner - C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programme\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: Anzeige am Bildschirm (TPHKSVC) - Lenovo Group Limited - C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 14194 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\PMTask.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}] CPwmIEBrowserHelper Object - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2006-07-14 719616] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [] "BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [] "SynTPLpr"=C:\Programme\Synaptics\SynTP\SynTPLpr.exe [2009-07-14 128296] "SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416] "EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2006-02-23 237568] "TPKMAPHELPER"=C:\Programme\ThinkPad\Utilities\TpKmapAp.exe [2006-06-02 856064] "TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2009-07-08 337184] "TPHOTKEY"=C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976] "TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536] "SoundMAXPnP"=C:\Programme\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696] "SoundMAX"=C:\Programme\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800] "LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2009-07-23 185688] "TVT Scheduler Proxy"=C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424] "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-02-02 122940] "ISUSPM Startup"=C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] "ISUSScheduler"=C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [2005-02-16 81920] "AwaySch"=C:\Programme\Lenovo\AwayTask\AwaySch.EXE [2006-11-07 91688] "ACTray"=C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe [2009-12-11 431464] "ACWLIcon"=C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe [2009-12-11 181608] "PDService.exe"=C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe [2006-03-13 41472] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "LPMailChecker"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [2009-07-23 124248] ""= [] "LENOVO.TPFNF6R"=C:\Programme\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752] "TPFNF7"=C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-03 62240] "StartCCC"=C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440] "FreePDF Assistant"=C:\Programme\FreePDF_XP\fpassist.exe [2009-09-05 385024] "TrueImageMonitor.exe"=C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-12 5140960] "Acronis Scheduler2 Service"=C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [2009-11-12 362032] "SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "OpwareSE4"=C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] "WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2006-09-20 20480] "QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2007-12-11 286720] "SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Skype"=C:\Programme\Skype\Phone\Skype.exe [2009-10-09 25623336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth] C:\Programme\Lenovo\Client Security Solution\cssauth.exe [2006-07-14 2341632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray] C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-05-18 196696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCDMon] C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe [2007-04-27 774168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE Nikon Monitor.lnk - C:\Programme\Gemeinsame Dateien\Nikon\Monitor\NkMonitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify] C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll [2009-12-10 32768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-09-29 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify] C:\Programme\Lenovo\AwayTask\AwayNotify.dll [2006-08-16 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-12-01 100104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] C:\Programme\Lenovo\HOTKEY\notifyf2.dll [2006-09-06 34344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli ACGina C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\ThinkVantage\SMA\sma.exe"="C:\Programme\ThinkVantage\SMA\sma.exe:*:Enabled:System Migration Assistant" "C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\TeamViewer\Version5\TeamViewer.exe"="C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process " "C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2010-07-12 10:36:41 ----D---- C:\Programme\trend micro 2010-07-12 10:36:39 ----D---- C:\rsit 2010-07-11 10:34:32 ----A---- C:\WINDOWS\system32\javaws.exe 2010-07-11 10:34:32 ----A---- C:\WINDOWS\system32\javaw.exe 2010-07-11 10:34:32 ----A---- C:\WINDOWS\system32\java.exe 2010-07-11 10:34:32 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-07-11 08:36:11 ----D---- C:\Programme\CCleaner 2010-07-11 02:44:19 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes 2010-07-11 02:44:11 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-07-11 02:44:09 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2010-07-11 02:44:09 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-07-11 02:44:08 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-07-11 02:35:19 ----D---- C:\WINDOWS\pss 2010-07-11 01:34:07 ----ASH---- C:\hiberfil.sys 2010-07-11 00:32:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP 2010-07-05 09:47:22 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$ 2010-07-05 09:46:04 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia 2010-07-05 09:37:25 ----D---- C:\Programme\PC Connectivity Solution 2010-07-05 09:37:08 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys 2010-07-05 09:37:08 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsu.sys 2010-07-05 09:37:07 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys 2010-07-05 09:37:07 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys 2010-07-05 09:37:06 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys 2010-07-05 09:37:05 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll 2010-07-05 09:37:05 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll 2010-07-05 09:37:05 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys 2010-07-05 09:27:15 ----D---- C:\WINDOWS\SxsCaPendDel 2010-06-16 23:18:58 ----A---- C:\WINDOWS\ViewNX.INI 2010-06-16 22:58:17 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Nikon 2010-06-16 22:50:37 ----D---- C:\Programme\Gemeinsame Dateien\muvee Technologies 2010-06-16 22:50:33 ----D---- C:\Programme\Gemeinsame Dateien\Nikon 2010-06-16 22:50:33 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nikon 2010-06-16 22:50:27 ----D---- C:\Programme\Nikon 2010-06-16 22:49:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ultima_T15 2010-06-16 22:49:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EnterNHelp 2010-06-16 22:48:06 ----D---- C:\Programme\QuickTime 2010-06-16 22:48:04 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer 2010-06-15 22:17:34 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TeamViewer 2010-06-15 22:17:26 ----D---- C:\Programme\TeamViewer ======List of files/folders modified in the last 1 months====== 2010-07-12 10:36:50 ----D---- C:\WINDOWS\Prefetch 2010-07-12 10:36:41 ----D---- C:\Programme 2010-07-12 08:33:40 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\skypePM 2010-07-12 07:28:18 ----D---- C:\WINDOWS\Temp 2010-07-12 07:25:39 ----D---- C:\WINDOWS\system32\CatRoot2 2010-07-12 07:25:38 ----AD---- C:\WINDOWS 2010-07-12 07:25:35 ----A---- C:\WINDOWS\system32\PROCDB.INI 2010-07-12 07:25:24 ----AD---- C:\WINDOWS\system32 2010-07-12 07:25:24 ----A---- C:\WINDOWS\system32\IPSCtrl.INI 2010-07-11 23:11:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-07-11 10:34:50 ----SHD---- C:\WINDOWS\Installer 2010-07-11 10:34:49 ----SHD---- C:\Config.Msi 2010-07-11 10:34:49 ----D---- C:\Programme\Gemeinsame Dateien\Java 2010-07-11 10:34:28 ----D---- C:\Programme\Java 2010-07-11 08:40:17 ----D---- C:\WINDOWS\Debug 2010-07-11 08:30:22 ----D---- C:\WINDOWS\system32\drivers 2010-07-11 01:38:37 ----D---- C:\SWSHARE 2010-07-11 01:36:51 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Skype 2010-07-11 00:05:52 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-07-05 10:24:28 ----D---- C:\WINDOWS\system32\drivers\UMDF 2010-07-05 09:47:34 ----HD---- C:\WINDOWS\inf 2010-07-05 09:37:32 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-07-05 09:37:00 ----D---- C:\Programme\Nokia 2010-07-05 09:28:18 ----D---- C:\Programme\Gemeinsame Dateien\Nokia 2010-07-05 09:27:25 ----D---- C:\WINDOWS\WinSxS 2010-07-05 09:26:18 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations 2010-07-02 20:27:09 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AdobeUM 2010-07-01 22:14:47 ----D---- C:\Programme\Mozilla Firefox 2010-06-24 12:17:00 ----D---- C:\WINDOWS\Microsoft.NET 2010-06-24 12:16:57 ----RSD---- C:\WINDOWS\assembly 2010-06-22 21:31:27 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-06-16 22:54:12 ----SD---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft 2010-06-16 22:50:37 ----D---- C:\Programme\Gemeinsame Dateien 2010-06-16 22:49:25 ----A---- C:\WINDOWS\system32\ATL71.DLL 2010-06-15 14:48:36 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Nokia ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DozeHDD;DozeHDD; C:\WINDOWS\System32\DRIVERS\DozeHDD.sys [2009-12-16 24304] R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-03-01 89472] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-05-04 36496] R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-06-29 117800] R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-01-05 158272] R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\WINDOWS\system32\DRIVERS\tdrpm258.sys [2010-01-05 911680] R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-01-05 581984] R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-19 77696] R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2009-11-17 11520] R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684] R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys [] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-10-02 14848] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-10-02 9343] R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844] R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2009-12-16 4442] R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2009-08-03 4608] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-02 21419] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544] R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS [] R2 irda;IrDA-Protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys [] R2 PrivateDisk;PrivateDisk; \??\C:\Programme\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys [] R2 PROCDD;IPS-Helper-Treiber; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2006-11-06 12080] R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544] R2 smi2;smi2; \??\C:\Programme\SMI2\smi2.sys [] R2 smihlp2;SMI Helper Driver (smihlp2); \??\C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys [] R2 tvtfilter;tvtfilter; \??\C:\WINDOWS\system32\drivers\tvtfilter.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-01-31 176128] R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-26 93824] R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-01-05 160288] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-29 3565056] R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872] R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-04-20 181760] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-11-01 989696] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-11-01 211456] R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2009-08-24 24872] R3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-09-27 1709696] R3 NSCIRDA;NSC-Infrarotgerätetreiber; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672] R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2010-01-02 30144] R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-07-14 212656] R3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-12-12 25984] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2008-12-09 50832] R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2006-07-14 17664] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-11-01 731520] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 E100B;Intel(R) PRO-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-18 117760] S3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-08-18 322432] S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys [2005-12-06 192512] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192] S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-19 83328] S4 agp440;Intel AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368] S4 agpCPQ;Compaq AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;ALI AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;AMD AGP-Bus-Filtertreiber; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-11 874240] S4 sisagp;SIS AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;VIA AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2009-12-11 103784] R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [2009-11-12 661072] R2 AcSvc;Access Connections Main Service; C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe [2009-12-11 230760] R2 afcdpsrv;Acronis Nonstop Backup service; C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe [2010-01-05 2480048] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-29 602112] R2 Diskeeper;Diskeeper; C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe [2006-05-23 622700] R2 DozeSvc;Lenovo Doze Mode Service; C:\Programme\ThinkPad\Utilities\DOZESVC.EXE [2009-12-16 132456] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176] R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2009-08-24 38176] R2 IPSSVC;IPS-Basisservice; C:\WINDOWS\system32\IPSSVC.EXE [2007-01-30 108080] R2 Irmon;Infrarotüberwachung; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 Power Manager DBC Service;Power Manager DBC Service; C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe [2009-12-16 53248] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680] R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [2006-08-02 937984] R2 SUService;System Update; c:\programme\lenovo\system update\suservice.exe [2009-06-12 28672] R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408] R2 TPHKSVC;Anzeige am Bildschirm; C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320] R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2005-06-06 32768] R2 TSSCoreService;TSS Core Service; C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe [2006-07-14 723712] R2 TVT Backup Service;TVT Backup Service; C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe [2006-07-14 1974272] R2 TVT Scheduler;TVT Scheduler; C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304] R2 tvtnetwk;tvtnetwk; C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe [2006-07-14 45056] R2 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Programme\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 OpenVPNService;OpenVPN Service; C:\Programme\OpenVPN\bin\openvpnserv.exe [2009-12-12 36352] S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe [] S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840] S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2009-06-29 39976] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Code:
ATTFilter logfile of random's system information tool 1.08 2010-07-12 10:36:53
======Uninstall list======
-->C:\Programme\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\SETUP.exe -l0x0007 -removeonly
-->C:\Programme\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\SETUP.exe -l0x0007 -removeonly
-->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access Help-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\Setup.exe" -l0x7 UNINSTALL
Acronis True Image Home-->MsiExec.exe /X{67ED38A3-4882-448B-B44D-3428AB00D7D5}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 7.0 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70000000000}
Anzeige am Bildschirm-->rundll32.exe "C:\Programme\Lenovo\HOTKEY\cleanup.dll",InfUninstall DefaultUninstall.XP 132 C:\Programme\Lenovo\HOTKEY\tphk_tp.inf
ATI - Dienstprogramm zur Deinstallation der Software-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x6e79
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Canon MP Navigator EX 1.0-->"C:\Programme\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Programme\Canon\MP Navigator EX 1.0\uninst.ini
CanoScan 8800F-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805 /L0x0007
Capture NX 2-->C:\Programme\Nikon\Capture NX 2\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
Citavi 2.5.2.0-->C:\Programme\Citavi\Deinstallieren.exe
Client Security Solution-->MsiExec.exe /I{48227AEB-DC8E-4A90-A274-0B4A39D699B1}
Dienstprogramm 'ThinkPad-Tastaturanpassung'-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\Setup.exe" -l0x7 anything
Digitale Bibliothek 4-->"C:\Programme\Digitale Bibliothek 4\uninstall.exe"
Digitale Bibliothek-->C:\WINDOWS\unin0407.exe -fc:\digibib2\DeIsL1.isu -cc:\digibib2\_ISREG32.DLL
Diskeeper Lite-->MsiExec.exe /X{796E076A-82F7-4D49-98C8-DEC0C3BC733A}
Ergänzung zu Productivity Center für ThinkPad-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\setup.exe" -l0x7 -AddRemove
FreePDF (Remove only)-->C:\Programme\FreePDF_XP\fpsetup.exe /r
Funktion "TrackPoint-Eingabehilfen"-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\Setup.exe"
GPL Ghostscript 8.71-->"C:\Programme\gs\uninstgs.exe" "C:\Programme\gs\gs8.71\uninstal.txt"
Help Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\SETUP.EXE" -l0x7 -AddRemove
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD-->"C:\Programme\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
Logitech Z-series Software 1.04-->MsiExec.exe /X{A157AC1C-DF44-481A-81E7-17AE00239818}
Maintenance Manager-->Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Message Center Plus-->MsiExec.exe /X{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}
Message Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}\Setup.exe" -l0x7 -AddRemove
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Office XP German User Interface Pack-->MsiExec.exe /I{901E0407-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.6.6)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
Nokia PC Suite-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_ger_web.exe
Nokia PC Suite-->MsiExec.exe /I{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}
Nokia Software Updater-->MsiExec.exe /X{09C468CA-2940-466A-AAE8-DCC0C6E9323C}
OpenVPN 2.1.1-->C:\Programme\OpenVPN\Uninstall.exe
PC Connectivity Solution-->MsiExec.exe /I{DCD22647-6D31-479D-8F97-16D0AA934D9E}
PC-Doctor 5 für Windows-->C:\Programme\PCDR5\uninst.exe
Picture Control Utility-->MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3}
Präsentationsdirektor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{65706020-7B6F-41F2-8047-FC69579E386A}\SETUP.EXE" -l0x7 -AddRemove
Presto! PageManager 7.15.16-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}\PMSetup.exe" -l0x7 anythinganything -removeonly
QuickTime-->MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
RedMon - Redirection Port Monitor-->C:\WINDOWS\system32\unredmon.exe
Remove Multimedia Center-->C:\swtools\apps\MMCfTO\customiz\sequencer.exe -fc:\swtools\apps\MMCfTO\customiz\uninst.seq
Rescue and Recovery Critical Patch for Windows Update (KB917422)-->MsiExec.exe /X{83E5061B-A69A-46AD-A780-1DA6569FF283}
Rescue and Recovery-->MsiExec.exe /I{7726CF62-7B45-4E6D-9266-615346816BCA}
ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic Icons for Lenovo-->MsiExec.exe /I{B334D9AE-1393-423E-97C0-3BDC3360E692}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoundMAX-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x7 -removeonly
Spelling Dictionaries For Adobe Reader Package-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7E8A450000A7}
System Migration Assistant-->MsiExec.exe /X{9EA84FDD-CCC0-47FD-A993-923165BEA47A}
System Update-->MsiExec.exe /X{8675339C-128C-44DD-83BF-0A5D6ABD8297}
TeamViewer 5-->C:\Programme\TeamViewer\Version5\uninstall.exe
ThinkPad Energie-Manager-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\SETUP.EXE" -l0x7 -AddRemove
ThinkPad FullScreen Magnifier-->rundll32.exe "C:\Programme\Lenovo\ZOOM\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Programme\Lenovo\Zoom\TpScrex.inf
ThinkPad Modem-->C:\Programme\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\UIU32m.exe -U -ITkp0588k.INF
ThinkPad PC Card Power Policy-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUnInstall 132 C:\SWTOOLS\OSFIXES\PCMCIAPW\pcmciapw.inf
ThinkPad Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
ThinkPad UltraNav Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad-Dienstprogramm 'EasyEject'-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1297C681-92D7-40EF-93BF-03F66EC5105C}\SETUP.EXE" -l0x7 -AddRemove
ThinkPad-Konfiguration-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\setup.exe" -l0x7 -AddRemove
ThinkPad-UltraNav-Assistent-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\SETUP.EXE" -l0x7 UNINSTALL
ThinkVantage Access Connections-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\setup.exe" -l0x7 anything
ThinkVantage Fingerprint Software-->MsiExec.exe /I{6CE851D7-DD98-489A-9227-5BBE08E7064B}
ThinkVantage Productivity Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\setup.exe" -l0x7 -AddRemove
ThinkVantage System für aktiven Festplattenschutz-->MsiExec.exe /X{46A84694-59EC-48F0-964C-7E76E9F8A2ED}
ThinkVantage Technologies Welcome Message-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x7 anything
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
ViewNX-->MsiExec.exe /X{F007CBCE-D714-4C0B-8CE9-9B0D78116468}
Wallpapers-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}\Setup.exe" -l0x7 UNINSTALL
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_0777326F40B753DD4E385F058ADB286B70A301FE\nokbtmdm.inf
Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_AAB746D5658CCF4CAE7A35CED5F0ADA3C447A973\nokia_bluetooth.inf
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
XP Themes-->MsiExec.exe /I{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: SCHLEPPTOP
Event Code: 7036
Message: Dienst "Gatewaydienst auf Anwendungsebene" befindet sich jetzt im Status "Ausgeführt".
Record Number: 10842
Source Name: Service Control Manager
Time Written: 20100601083011.000000+120
Event Type: Informationen
User:
Computer Name: SCHLEPPTOP
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Gatewaydienst auf Anwendungsebene" gesendet.
Record Number: 10841
Source Name: Service Control Manager
Time Written: 20100601083011.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: SCHLEPPTOP
Event Code: 7036
Message: Dienst "Telefonie" befindet sich jetzt im Status "Ausgeführt".
Record Number: 10840
Source Name: Service Control Manager
Time Written: 20100601083011.000000+120
Event Type: Informationen
User:
Computer Name: SCHLEPPTOP
Event Code: 7036
Message: Dienst "WMI-Leistungsadapter" befindet sich jetzt im Status "Ausgeführt".
Record Number: 10839
Source Name: Service Control Manager
Time Written: 20100601083011.000000+120
Event Type: Informationen
User:
Computer Name: SCHLEPPTOP
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Telefonie" gesendet.
Record Number: 10838
Source Name: Service Control Manager
Time Written: 20100601083011.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
=====Application event log=====
Computer Name: SCHLEPPTOP
Event Code: 2
Message: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-CAB-Datei wurde erfolgreich durchgeführt von <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Record Number: 1506
Source Name: crypt32
Time Written: 20100419174516.000000+120
Event Type: Informationen
User:
Computer Name: SCHLEPPTOP
Event Code: 7
Message: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer wurde erfolgreich durchgeführt von <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.
Record Number: 1505
Source Name: crypt32
Time Written: 20100419174516.000000+120
Event Type: Informationen
User:
Computer Name: SCHLEPPTOP
Event Code: 11
Message: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.
.
Record Number: 1504
Source Name: crypt32
Time Written: 20100419174516.000000+120
Event Type: Fehler
User:
Computer Name: SCHLEPPTOP
Event Code: 11
Message: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.
.
Record Number: 1503
Source Name: crypt32
Time Written: 20100419174516.000000+120
Event Type: Fehler
User:
Computer Name: SCHLEPPTOP
Event Code: 2
Message: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-CAB-Datei wurde erfolgreich durchgeführt von <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Record Number: 1502
Source Name: crypt32
Time Written: 20100419174516.000000+120
Event Type: Informationen
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Programme\PC Connectivity Solution\;C:\Programme\ThinkPad\Utilities;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Intel\Wireless\Bin\;C:\Programme\Diskeeper Corporation\Diskeeper\;C:\Programme\ThinkPad\ConnectUtilities;C:\Programme\Gemeinsame Dateien\Lenovo;C:\Programme\Lenovo\Client Security Solution;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;C:\Programme\Gemeinsame Dateien\Acronis\SnapAPI\;C:\Programme\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel
"PROCESSOR_REVISION"=0e0c
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SMA"=C:\Programme\ThinkVantage\SMA\
"SonicCentral"=C:\Programme\Gemeinsame Dateien\Sonic Shared\Sonic Central\
"TVT"=C:\Programme\Lenovo
"TVTCOMMON"=C:\Programme\Gemeinsame Dateien\Lenovo
"SWSHARE"=C:\SWSHARE
"RR"=C:\Programme\Lenovo\Rescue and Recovery
"TVTPYDIR"=C:\Programme\Gemeinsame Dateien\Lenovo\Python24
"TPCCommon"=C:\PROGRA~1\THINKV~2\PrdCtr
"CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
|
| Themen zu AV Security Suite - Nach Entfernung öffnen sich in Firefox ungewünschte Tabs |
| 32 bit, antivir, antivir guard, av security suite, avgntflt.sys, avira, bho, bildschirm, browser, desktop, device driver, excel, fehler, festplatte, firefox, flash player, fontcache, gerätetreiber, google, hijack, hijackthis, hkus\s-1-5-18, hotfix.exe, iastor.sys, launch, lenovo, mozilla, msiexec.exe, notification, plug-in, registry, remote control, rundll, security, security suite, security update, sicherheit, software, starten, system, thinkvantage registry monitor service, usbvideo.sys, windows internet, windows internet explorer, windows xp, wlan |
Baum-Darstellung