| schabigel | 07.09.2014 17:30 |
geschafft. hier der frst code
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-09-2014
Ran by Hannah (administrator) on HAN on 07-09-2014 18:25:17
Running from C:\Users\Hannah\Desktop\log
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Expansion Programs International, Inc.) C:\SIMULIA\Documentation\monitor.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Expansion Programs International, Inc.) C:\SIMULIA\Documentation\monitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
() C:\Users\Hannah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dropbox, Inc.) C:\Users\Hannah\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-520259125-1151406565-3881518591-1001\...\Run: [Spotify Web Helper] => C:\Users\Hannah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [932528 2012-05-04] ()
HKU\S-1-5-21-520259125-1151406565-3881518591-1001\...\Run: [EPSON SX210 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE [223232 2008-11-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-520259125-1151406565-3881518591-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-520259125-1151406565-3881518591-1001\...\Policies\Explorer: []
HKU\S-1-5-21-520259125-1151406565-3881518591-1001\...\MountPoints2: {2fb072b5-1871-11e2-ab1d-f0def19bf69b} - D:\HPLauncher.exe
HKU\S-1-5-21-520259125-1151406565-3881518591-1001\...\MountPoints2: {5fdd2ff6-fb7a-11e0-b41a-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-06-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-06-01] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8897;https=127.0.0.1:8897
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deAT457AT457
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 11 C:\Windows\system32\tnnsja2pw.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
FireFox:
========
FF ProfilePath: C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\hzgny1ku.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-19]
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-10-21]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn [2014-09-07]
Chrome:
=======
CHR Profile: C:\Users\Hannah\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-02-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2012-10-17] (Autodesk)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 Dnscache; C:\Windows\System32\pouaehyzw.dll [354304 2012-06-02] (Parental Solutions Inc.) [File not signed]
R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-22] (SafeNet Inc.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-12-14] (Lenovo Group Limited) [File not signed]
R2 Texis Monitor; C:\SIMULIA\Documentation\monitor.exe [4493312 2011-12-13] (Expansion Programs International, Inc.) [File not signed]
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Group Limited)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84088 2011-04-13] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-08-25] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-19] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
S3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140903.001\IDSvia64.sys [633560 2014-08-23] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140903.022\ENG64.SYS [129752 2014-09-04] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140903.022\EX64.SYS [2137304 2014-09-04] (Symantec Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-10-21] ()
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-07-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-07 18:25 - 2014-09-07 18:25 - 00000000 ____D () C:\FRST
2014-09-07 18:21 - 2014-09-07 18:22 - 02104832 _____ (Farbar) C:\Users\Hannah2\Downloads\FRST64.exe
2014-09-07 18:18 - 2014-09-07 18:20 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Skype
2014-09-07 18:18 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\Documents\Bluetooth-Exchange-Ordner
2014-09-07 18:18 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Skype
2014-09-07 18:18 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Broadcom
2014-09-04 14:30 - 2014-09-04 14:30 - 00058791 _____ () C:\Users\Hannah2\Downloads\gmer.log
2014-09-04 14:30 - 2014-09-04 14:30 - 00000476 _____ () C:\Users\Hannah2\Downloads\defogger_disable.log
2014-09-04 14:30 - 2014-09-04 14:30 - 00000476 _____ () C:\Users\Hannah2\Downloads\defogger_disable (1).log
2014-09-04 13:02 - 2014-09-04 13:02 - 00442624 _____ () C:\Windows\Minidump\090414-70855-01.dmp
2014-09-04 12:38 - 2014-09-04 12:38 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Notepad++
2014-09-04 11:59 - 2014-09-07 18:25 - 00000000 ____D () C:\Users\Hannah\Desktop\log
2014-09-04 11:52 - 2014-09-04 11:52 - 00058791 _____ () C:\Users\Hannah2\Documents\gmer.log
2014-09-04 11:35 - 2014-09-04 11:35 - 00000000 __SHD () C:\Users\Hannah2\AppData\Local\EmieUserList
2014-09-04 11:35 - 2014-09-04 11:35 - 00000000 __SHD () C:\Users\Hannah2\AppData\Local\EmieSiteList
2014-09-04 11:26 - 2014-09-04 11:26 - 00000476 _____ () C:\Users\Hannah2\Documents\defogger_disable.log
2014-09-04 11:26 - 2014-09-04 11:26 - 00000000 _____ () C:\Users\Hannah2\defogger_reenable
2014-09-04 11:25 - 2014-09-04 11:25 - 00380416 _____ () C:\Users\Hannah2\Downloads\Gmer-19357.exe
2014-09-04 11:25 - 2014-09-04 11:25 - 00380416 _____ () C:\Users\Hannah2\Documents\Gmer-19357.exe
2014-09-04 11:25 - 2014-09-04 11:16 - 00050477 _____ () C:\Users\Hannah2\Documents\Defogger.exe
2014-09-04 11:20 - 2014-09-04 11:20 - 00000474 _____ () C:\Users\Gast\Downloads\defogger_disable.log
2014-09-04 11:20 - 2014-09-04 11:20 - 00000474 _____ () C:\Users\Gast\Documents\defogger_disable.log
2014-09-04 11:20 - 2014-09-04 11:20 - 00000000 _____ () C:\Users\Hannah\defogger_reenable
2014-09-04 11:20 - 2014-09-04 11:18 - 00380416 _____ () C:\Users\Gast\Documents\ipc2lu6b.exe
2014-09-04 11:20 - 2014-09-04 11:16 - 00050477 _____ () C:\Users\Gast\Documents\Defogger.exe
2014-09-04 11:18 - 2014-09-04 11:18 - 00380416 _____ () C:\Users\Gast\Downloads\ipc2lu6b.exe
2014-09-04 11:16 - 2014-09-04 11:16 - 00050477 _____ () C:\Users\Gast\Downloads\Defogger.exe
2014-09-04 11:15 - 2014-09-04 11:15 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-09-04 10:53 - 2014-09-04 10:56 - 00000000 ____D () C:\AdwCleaner
2014-09-04 10:52 - 2014-09-04 10:48 - 01370467 _____ () C:\Users\Public\Documents\adwcleaner_3.309.exe
2014-09-04 10:48 - 2014-09-04 10:48 - 01370467 _____ () C:\Users\Hannah2\Downloads\adwcleaner_3.309.exe
2014-09-02 01:19 - 2014-09-02 01:19 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\PwrMgr
2014-09-01 23:28 - 2014-09-01 23:28 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\CrashDumps
2014-09-01 23:27 - 2014-09-01 23:27 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Macromedia
2014-09-01 23:26 - 2014-09-01 23:26 - 00133336 _____ () C:\Users\Hannah2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-01 23:26 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Leadertech
2014-09-01 23:26 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Apple Computer
2014-09-01 23:26 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Google
2014-09-01 23:25 - 2014-09-01 23:25 - 00001432 _____ () C:\Users\Hannah2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-01 23:25 - 2014-09-01 23:25 - 00000020 ___SH () C:\Users\Hannah2\ntuser.ini
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Vorlagen
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Startmenü
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Netzwerkumgebung
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Lokale Einstellungen
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Eigene Dateien
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Druckumgebung
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Documents\Eigene Musik
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Documents\Eigene Bilder
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\AppData\Local\Verlauf
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\AppData\Local\Anwendungsdaten
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Anwendungsdaten
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Intel
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Adobe
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\VirtualStore
2014-09-01 23:25 - 2011-11-23 01:20 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Microsoft Help
2014-09-01 23:24 - 2014-09-04 11:26 - 00000000 ____D () C:\Users\Hannah2
2014-09-01 23:24 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Hannah2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-01 23:24 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Hannah2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-31 20:26 - 2014-08-31 20:26 - 00000000 ____D () C:\Users\Hannah\Documents\notitzen
2014-08-27 20:30 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 20:30 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:30 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 22:11 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-20 22:11 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-20 22:11 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-20 22:11 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-20 22:11 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-20 22:11 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-20 22:10 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-20 22:10 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-20 17:26 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-20 17:26 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-20 17:26 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-20 17:26 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-20 17:26 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-20 17:26 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-20 17:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-20 17:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-20 17:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-20 17:26 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-20 17:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-20 17:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-20 17:25 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-20 17:25 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-20 17:25 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-20 17:25 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-20 17:25 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-20 17:25 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-20 17:25 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-20 17:25 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-20 17:25 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-20 17:25 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-20 17:25 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-20 17:25 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-20 17:25 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-20 17:25 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-20 17:25 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-20 17:25 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-20 17:25 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-20 17:25 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-20 17:25 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-20 17:25 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-20 17:25 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-20 17:25 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-20 17:25 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-20 17:25 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-20 17:25 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-20 17:25 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-20 17:25 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-20 17:25 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-20 17:25 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-20 17:25 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-20 17:25 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-20 17:25 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-20 17:25 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-20 17:25 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-20 17:25 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-20 17:25 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-20 17:25 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-20 17:25 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-20 17:25 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-20 17:25 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-20 17:25 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-20 17:25 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-20 17:25 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-20 17:25 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-20 17:25 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-20 17:25 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-20 17:25 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-20 17:25 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-20 17:25 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-20 17:25 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-20 17:25 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-20 17:25 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-20 17:25 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-20 17:25 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-20 17:25 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-20 17:25 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-20 17:25 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-20 17:25 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-20 17:25 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-20 17:25 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-07 18:25 - 2014-09-07 18:25 - 00000000 ____D () C:\FRST
2014-09-07 18:25 - 2014-09-04 11:59 - 00000000 ____D () C:\Users\Hannah\Desktop\log
2014-09-07 18:24 - 2011-10-21 02:47 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 18:22 - 2014-09-07 18:21 - 02104832 _____ (Farbar) C:\Users\Hannah2\Downloads\FRST64.exe
2014-09-07 18:20 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Skype
2014-09-07 18:20 - 2011-10-21 12:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-07 18:20 - 2011-10-21 12:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-07 18:20 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-07 18:18 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\Documents\Bluetooth-Exchange-Ordner
2014-09-07 18:18 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Skype
2014-09-07 18:18 - 2014-09-07 18:18 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Broadcom
2014-09-07 18:18 - 2014-05-18 20:54 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-07 18:18 - 2014-05-18 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-07 18:18 - 2011-11-15 20:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-07 18:18 - 2011-11-15 20:49 - 00000000 ____D () C:\ProgramData\Skype
2014-09-07 18:17 - 2011-11-07 20:43 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-09-07 18:17 - 2011-10-21 02:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 18:00 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-07 18:00 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-07 17:52 - 2011-10-21 02:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-07 17:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 17:51 - 2009-07-14 06:51 - 00176606 _____ () C:\Windows\setupact.log
2014-09-05 21:22 - 2011-10-21 02:22 - 01379812 _____ () C:\Windows\WindowsUpdate.log
2014-09-04 16:33 - 2013-03-22 01:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-04 15:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-04 14:30 - 2014-09-04 14:30 - 00058791 _____ () C:\Users\Hannah2\Downloads\gmer.log
2014-09-04 14:30 - 2014-09-04 14:30 - 00000476 _____ () C:\Users\Hannah2\Downloads\defogger_disable.log
2014-09-04 14:30 - 2014-09-04 14:30 - 00000476 _____ () C:\Users\Hannah2\Downloads\defogger_disable (1).log
2014-09-04 13:02 - 2014-09-04 13:02 - 00442624 _____ () C:\Windows\Minidump\090414-70855-01.dmp
2014-09-04 13:02 - 2011-12-09 15:09 - 952932468 _____ () C:\Windows\MEMORY.DMP
2014-09-04 13:02 - 2011-12-09 15:09 - 00000000 ____D () C:\Windows\Minidump
2014-09-04 12:38 - 2014-09-04 12:38 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Notepad++
2014-09-04 11:52 - 2014-09-04 11:52 - 00058791 _____ () C:\Users\Hannah2\Documents\gmer.log
2014-09-04 11:35 - 2014-09-04 11:35 - 00000000 __SHD () C:\Users\Hannah2\AppData\Local\EmieUserList
2014-09-04 11:35 - 2014-09-04 11:35 - 00000000 __SHD () C:\Users\Hannah2\AppData\Local\EmieSiteList
2014-09-04 11:26 - 2014-09-04 11:26 - 00000476 _____ () C:\Users\Hannah2\Documents\defogger_disable.log
2014-09-04 11:26 - 2014-09-04 11:26 - 00000000 _____ () C:\Users\Hannah2\defogger_reenable
2014-09-04 11:26 - 2014-09-01 23:24 - 00000000 ____D () C:\Users\Hannah2
2014-09-04 11:25 - 2014-09-04 11:25 - 00380416 _____ () C:\Users\Hannah2\Downloads\Gmer-19357.exe
2014-09-04 11:25 - 2014-09-04 11:25 - 00380416 _____ () C:\Users\Hannah2\Documents\Gmer-19357.exe
2014-09-04 11:20 - 2014-09-04 11:20 - 00000474 _____ () C:\Users\Gast\Downloads\defogger_disable.log
2014-09-04 11:20 - 2014-09-04 11:20 - 00000474 _____ () C:\Users\Gast\Documents\defogger_disable.log
2014-09-04 11:20 - 2014-09-04 11:20 - 00000000 _____ () C:\Users\Hannah\defogger_reenable
2014-09-04 11:20 - 2011-11-08 03:38 - 00000000 ____D () C:\Users\Hannah
2014-09-04 11:18 - 2014-09-04 11:20 - 00380416 _____ () C:\Users\Gast\Documents\ipc2lu6b.exe
2014-09-04 11:18 - 2014-09-04 11:18 - 00380416 _____ () C:\Users\Gast\Downloads\ipc2lu6b.exe
2014-09-04 11:16 - 2014-09-04 11:25 - 00050477 _____ () C:\Users\Hannah2\Documents\Defogger.exe
2014-09-04 11:16 - 2014-09-04 11:20 - 00050477 _____ () C:\Users\Gast\Documents\Defogger.exe
2014-09-04 11:16 - 2014-09-04 11:16 - 00050477 _____ () C:\Users\Gast\Downloads\Defogger.exe
2014-09-04 11:15 - 2014-09-04 11:15 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-09-04 11:12 - 2013-10-31 20:06 - 00133336 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-04 11:12 - 2013-10-31 20:06 - 00001432 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-04 10:58 - 2010-11-21 05:47 - 01632692 _____ () C:\Windows\PFRO.log
2014-09-04 10:56 - 2014-09-04 10:53 - 00000000 ____D () C:\AdwCleaner
2014-09-04 10:48 - 2014-09-04 10:52 - 01370467 _____ () C:\Users\Public\Documents\adwcleaner_3.309.exe
2014-09-04 10:48 - 2014-09-04 10:48 - 01370467 _____ () C:\Users\Hannah2\Downloads\adwcleaner_3.309.exe
2014-09-04 10:25 - 2011-11-07 20:43 - 00003484 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-09-04 10:25 - 2011-11-07 20:43 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-09-02 01:19 - 2014-09-02 01:19 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\PwrMgr
2014-09-01 23:52 - 2011-11-26 17:44 - 00000425 _____ () C:\Windows\BRWMARK.INI
2014-09-01 23:52 - 2011-11-26 17:44 - 00000027 _____ () C:\Windows\BRPP2KA.INI
2014-09-01 23:28 - 2014-09-01 23:28 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\CrashDumps
2014-09-01 23:27 - 2014-09-01 23:27 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Macromedia
2014-09-01 23:26 - 2014-09-01 23:26 - 00133336 _____ () C:\Users\Hannah2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-01 23:26 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Leadertech
2014-09-01 23:26 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Apple Computer
2014-09-01 23:26 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\Google
2014-09-01 23:25 - 2014-09-01 23:25 - 00001432 _____ () C:\Users\Hannah2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-01 23:25 - 2014-09-01 23:25 - 00000020 ___SH () C:\Users\Hannah2\ntuser.ini
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Vorlagen
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Startmenü
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Netzwerkumgebung
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Lokale Einstellungen
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Eigene Dateien
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Druckumgebung
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Documents\Eigene Musik
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Documents\Eigene Bilder
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\AppData\Local\Verlauf
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\AppData\Local\Anwendungsdaten
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 _SHDL () C:\Users\Hannah2\Anwendungsdaten
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Intel
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 ____D () C:\Users\Hannah2\AppData\Roaming\Adobe
2014-09-01 23:25 - 2014-09-01 23:25 - 00000000 ____D () C:\Users\Hannah2\AppData\Local\VirtualStore
2014-09-01 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-01 18:05 - 2012-01-22 21:39 - 00000000 ___RD () C:\Users\Hannah\Dropbox
2014-09-01 17:01 - 2011-11-11 15:08 - 00000000 ____D () C:\Users\Hannah\Documents\_Uni
2014-09-01 08:17 - 2012-01-22 21:36 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Dropbox
2014-08-31 20:26 - 2014-08-31 20:26 - 00000000 ____D () C:\Users\Hannah\Documents\notitzen
2014-08-31 10:59 - 2009-07-14 06:45 - 00441032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 10:40 - 2012-09-25 17:33 - 00000600 _____ () C:\Users\Hannah\AppData\Roaming\winscp.rnd
2014-08-27 10:32 - 2012-03-26 22:41 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Opera
2014-08-27 10:32 - 2012-03-26 22:41 - 00000000 ____D () C:\Users\Hannah\AppData\Local\Opera
2014-08-27 10:32 - 2012-03-26 22:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-27 10:23 - 2011-11-07 20:43 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-08-27 00:09 - 2014-08-04 10:34 - 00000000 ____D () C:\Users\Hannah\Desktop\TONETTE BILDER
2014-08-26 23:45 - 2011-11-07 20:43 - 00004224 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-08-26 23:15 - 2014-06-19 23:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-26 23:15 - 2012-06-26 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-23 04:07 - 2014-08-27 20:30 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 20:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 20:30 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 09:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-20 22:23 - 2011-11-11 12:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-20 22:18 - 2013-08-14 18:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-20 22:16 - 2011-11-13 17:04 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-20 22:10 - 2014-05-07 08:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-20 22:05 - 2011-11-15 20:49 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Skype
2014-08-20 17:18 - 2012-01-22 21:37 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
Files to move or delete:
====================
C:\Users\Hannah\Abaqus_6.13-2SE_win86_64.exe
C:\Users\Hannah\AutoCAD_2014_German_Win_64bit_dlm.sfx.exe
C:\Users\Hannah\npp.6.3.3.Installer.exe
Some content of TEMP:
====================
C:\Users\Hannah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6c1blj.dll
C:\Users\Hannah\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-04 15:39
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-09-2014
Ran by Hannah at 2014-09-07 18:26:59
Running from C:\Users\Hannah\Desktop\log
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Abaqus 6.13 Student Edition (HKLM\...\Abaqus 6.13 Student Edition) (Version: 6.13.0.0 - Dassault Systemes Simulia Corp.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Deutsch (German) (HKLM\...\AutoCAD 2014 - Deutsch (German)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Calc 3D Pro 2.1.10 (HKLM-x32\...\Calc 3D Pro_is1) (Version: 2.1.10 - )
Cisco AnyConnect VPN Client (HKLM-x32\...\{7240A69A-AC53-46A1-9039-1281DDBBE452}) (Version: 2.5.3055 - Cisco Systems, Inc.)
Cisco AnyConnect VPN Client Start Before Login Components (HKLM-x32\...\{52F51D1B-46A6-4AD8-AC4C-FEABCD1555BC}) (Version: 2.5.3055 - Cisco Systems, Inc.)
Clue for Windows (HKLM\...\Clue) (Version: 9.0.110815 - Clue Norge ASA)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX210 Series (HKLM\...\EPSON SX210 Series) (Version: - SEIKO EPSON Corporation)
EPANET 2.0 (HKLM-x32\...\EPANET 2.0) (Version: - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Free YouTube to MP3 Converter version 3.11.19.412 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.19.412 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 12.0.742.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HEC-RAS 4.1.0 (HKLM-x32\...\{692F1402-6F45-42F3-9D82-9AAEFBFAD4A1}) (Version: 4.1.0 - Hydrologic Engineering Center)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}) (Version: 10.5.1.42 - Apple Inc.)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.0.2369.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{08ECC740-2B3E-45D7-860C-59B511386286}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 6.4.1.14 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Treiber 268.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.71 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.71 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6871 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.71 (Version: 268.71 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.10 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.31.0010.00 - Lenovo Group Limited)
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
RuckZuck (HKLM-x32\...\{430B625F-9C37-4FC6-8191-7B1BFE922F83}) (Version: 6.0.10 - MURSOFT)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
SQL Server System CLR Types (HKLM\...\{2D766E70-7670-41A8-B370-1E09084ABA5D}) (Version: 10.1.2531.0 - Microsoft Corporation)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version: - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VIPAccess (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.1.91 - Ihr Firmenname)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
WinSCP 4.3.9 (HKLM-x32\...\winscp3_is1) (Version: 4.3.9 - Martin Prikryl)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe No File
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-520259125-1151406565-3881518591-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
01-08-2014 16:07:22 Windows Update
20-08-2014 20:10:04 Windows Update
27-08-2014 18:38:00 Windows Update
04-09-2014 07:54:39 Norton 360 Registry Clean
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BA7FB15-BA6B-46A7-974B-43266495A80C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {0EA9CABD-7EF2-458E-9D74-68D16DD756BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {1875289B-108A-4ABE-A6E4-83BB9CE88114} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {540607DE-802B-4655-ACFC-D3D6E63DC3AD} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {61523CB3-A6F8-4AD8-9CB2-5F07838741F8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {69697DD4-B494-4467-9E92-45B5D8CF145D} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {6A5AC1DD-05C9-436F-AC9A-4839BB83B68D} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {710AD423-38FC-433A-B59D-CE4CF34A9E9E} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {789FBCB4-5E4F-4E1B-939F-8BF67293E91E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {800A7C2B-11E1-46D8-96F2-77B89987A9D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-20] (Adobe Systems Incorporated)
Task: {8B457751-3526-4F65-A933-5C8A7FD04755} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {A34D6E34-F674-425D-A47A-7797A4FB4454} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {A8D03C53-1785-45CC-8A3D-6BF9D7997711} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {E85A26C9-1C27-4D1D-8825-923ABDE21778} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F8F4B120-7114-42C5-998D-4A3EC2D53DB1} - System32\Tasks\{35DD7FAA-F6A3-4512-9298-8113A63705C9} => c:\program files (x86)\opera\opera.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2012-01-27 18:40 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 ____N () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-10-21 02:38 - 2011-03-23 20:48 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-10-21 12:02 - 2011-03-24 12:48 - 00057640 ____N () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-10-21 02:32 - 2010-10-26 22:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-10-21 02:35 - 2011-03-06 13:07 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll
2012-05-04 17:21 - 2012-05-04 17:21 - 00932528 _____ () C:\Users\Hannah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
2013-02-05 01:21 - 2013-02-05 01:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 ____N () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-10-21 02:39 - 2010-04-06 09:05 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-10-21 02:39 - 2010-04-06 09:04 - 02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2014-09-07 18:24 - 2014-09-07 18:24 - 00043008 _____ () c:\users\hannah\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6c1blj.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Hannah\AppData\Roaming\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/07/2014 05:52:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/05/2014 09:10:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 01:03:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 11:00:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 10:25:03 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (1344) Asapi: (10:25:03:0240)(1344) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 10:25:01 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (1344) Asapi: (10:25:01:8840)(1344) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 10:12:07 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5608) Asapi: (10:12:07:2680)(5608) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 10:06:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 09:59:06 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (6316) Asapi: (09:59:06:4430)(6316) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 09:50:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/07/2014 05:52:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 87
Error: (09/04/2014 01:03:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 87
Error: (09/04/2014 01:02:36 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8006ce7b50, 0xfffff80000b9c3d0)C:\Windows\MEMORY.DMP090414-70855-01
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Error: (09/04/2014 11:19:33 AM) (Source: DCOM) (EventID: 10016) (User: Han)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HanGastS-1-5-21-520259125-1151406565-3881518591-501LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (09/07/2014 05:52:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/05/2014 09:10:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 01:03:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 11:00:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 10:25:03 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (1344) Asapi: (10:25:03:0240)(1344) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 10:25:01 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (1344) Asapi: (10:25:01:8840)(1344) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 10:12:07 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5608) Asapi: (10:12:07:2680)(5608) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 10:06:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 09:59:06 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (6316) Asapi: (09:59:06:4430)(6316) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12029) failed with error: 317
Error: (09/04/2014 09:50:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-10-31 09:06:06.929
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-31 07:53:40.564
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-31 07:47:05.463
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 19:53:07.052
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 18:10:06.962
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 17:54:31.975
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 17:34:17.667
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 17:26:04.720
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 17:18:26.363
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-29 17:07:22.016
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 27%
Total physical RAM: 8075.23 MB
Available physical RAM: 5815.95 MB
Total Pagefile: 16148.65 MB
Available Pagefile: 13885.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:448.96 GB) (Free:207.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.11 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 687D3B45)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
