Trojaner-Board - dieses programm kann die webseite nicht anzeigen win7 home 64 bit

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - dieses programm kann die webseite nicht anzeigen win7 home 64 bit (https://www.trojaner-board.de/125156-programm-webseite-anzeigen-win7-home-64-bit.html)

dieses programm kann die webseite nicht anzeigen win7 home 64 bit

Liebe Helfer! :heilig:

Ich habe win7 home 64 bit mit mehreren Konten. 1 Admin 4 standard benutzer. Beim Öffnen eines der standard Benutzerkonnten bekomme ich nach dem Anmelden folgende Fehlermeldung "dieses programm kann die webseite nicht anzeigen" Es füllt den gesamten Bildschirm aus und ich kann nichts mehr machen.

Ich arbeite nun aus dem Admin Konto hier funktioniert alles einwandfrei.

Ich habe schon "Malwarebytes Anti-Malware", AVAST und Spyware Terminator 2012 durchlaufen lassen. Es wurde das eine oder andere gefunden, hat aber nicht das obige Problem beseitigt.

Nun habe ich den ohne Probleme den Defogger laufen lassen und disabled.

Nun lasse ich den OTL scan laufen.

:hallo:

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden. Es können mehrere Analyse- und Bereinigungsschritte erforderlich sein.
Abschließend entfernen wir wieder alle verwendeten Programme und ich gebe dir ein paar Tipps für die Zukunft mit auf den Weg.
Bei Anzeichen von illegaler Software wird der Support ohne Diskussion eingestellt.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Führe nur Scans durch, zu denen du von mir oder einem anderen Helfer aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software außer du wirst dazu aufgefordert.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Lass OTL laufen und poste die beiden Logdateien hier in dein Thema. :)

Hier ist der OTL txtOTL Logfile:

Code:

OTL logfile created on: 04.10.2012 17:48:45 - Run 1

OTL by OldTimer - Version 3.2.70.2     Folder = C:\Users\Jan\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,93 Gb Total Physical Memory | 3,89 Gb Available Physical Memory | 65,52% Memory free

11,87 Gb Paging File | 9,73 Gb Available in Paging File | 81,99% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 550,62 Gb Total Space | 228,88 Gb Free Space | 41,57% Space Free | Partition Type: NTFS

Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS

 

Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

PRC - [2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Downloads\Defogger.exe

PRC - [2012.09.23 10:50:14 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited                                                  ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2012.09.07 01:57:30 | 003,673,808 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

PRC - [2012.09.07 01:57:20 | 002,777,296 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe

PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe

PRC - [2012.08.08 10:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2011.03.18 09:11:51 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe

PRC - [2010.02.04 00:48:12 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe

PRC - [2010.01.24 12:47:46 | 001,021,888 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe

PRC - [2010.01.21 20:05:08 | 000,177,384 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe

PRC - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe

PRC - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Downloads\Defogger.exe

MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll

MOD - [2012.09.25 11:42:57 | 012,278,808 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll

MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll

MOD - [2012.09.25 11:41:39 | 000,578,072 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll

MOD - [2012.09.25 11:41:38 | 000,123,416 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll

MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll

MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll

MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll

MOD - [2012.01.16 21:06:32 | 000,577,621 | ---- | M] () -- C:\Program Files (x86)\Spyware Terminator\sqlite3.dll

MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.03.18 09:11:51 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe

MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf

MOD - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe

MOD - [2009.12.19 04:51:18 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll

MOD - [2009.12.19 04:50:38 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2010.05.05 17:25:52 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited                                                  ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2012.09.07 01:57:38 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)

SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.07.12 11:04:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)

SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)

SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011.07.22 15:26:40 | 000,690,472 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.12 18:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009.12.30 08:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service)

SRV - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009.11.17 17:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV - [2009.07.16 20:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009.07.15 07:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009.07.15 07:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)

DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.11.16 19:18:56 | 000,199,752 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\SysNative\drivers\uigxrdr.SYS -- (uigxrdr)

DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.19 17:02:25 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.03 12:47:01 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010.05.05 18:06:04 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)

DRV:64bit: - [2010.05.05 16:31:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010.05.03 13:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.03.26 09:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.02.05 19:20:32 | 000,056,688 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo)

DRV:64bit: - [2010.02.05 18:51:30 | 000,031,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2)

DRV:64bit: - [2010.02.05 17:23:40 | 000,017,904 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)

DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)

DRV:64bit: - [2010.01.15 02:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2010.01.15 02:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2010.01.15 02:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009.12.14 10:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009.11.20 17:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009.11.06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2009.10.16 05:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009.07.16 04:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2008.08.06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2011.03.03 12:47:14 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)

DRV - [2010.01.21 20:05:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/12 13:15:18] [Kernel | Auto | Running] -- C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=FCF7DA51-8231-4B97-B14E-D52AA13A310E&apn_sauid=5901B2D2-58E6-4B6B-A8A1-B9D637A0E3DD

IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

 

 
 ========== Chrome  ==========

 

CHR - homepage: Google

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: Google

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll

CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: avast! WebRep = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (MP3Bar) - {F6BD6330-76F8-44d9-B775-87614E2D8374} - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll ()

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\WebBrowser: (MP3Bar) - {F6BD6330-76F8-44D9-B775-87614E2D8374} - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll ()

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)

O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)

O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo)

O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo)

O4 - HKLM..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe (Lenovo)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O8:64bit: - Extra context menu item: &MP3Bar - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll ()

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: &MP3Bar - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll ()

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mia.bt.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Unable to open value key)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06722159-FF20-46B1-A2BD-3AD4D81DC868}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FA392A3-8BFA-441B-86A4-155291E091C8}: DhcpNameServer = 60.2.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.04 17:02:28 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

[2012.10.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\{D3BD5893-9AC7-48E4-8652-CCEBDD14425B}

[2012.10.04 10:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\adawarebp

[2012.10.04 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LavasoftStatistics

[2012.10.04 10:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars

[2012.10.04 10:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb

[2012.10.03 23:20:35 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2012.10.03 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.03 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.03 23:20:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2012.10.03 23:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.03 22:28:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator

[2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator

[2012.10.03 22:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012

[2012.10.03 22:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator

[2012.10.03 21:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\klbufxxvvhtvhnf

[2012.09.27 11:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

[2012.09.27 11:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.09.27 11:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.04 17:40:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012.10.04 17:37:00 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.04 17:13:21 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job

[2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

[2012.10.04 17:01:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable

[2012.10.04 16:59:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job

[2012.10.04 16:43:46 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.04 16:32:52 | 000,000,408 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job

[2012.10.04 16:31:51 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat

[2012.10.04 11:55:17 | 483,835,903 | -HS- | M] () -- C:\hiberfil.sys

[2012.10.04 10:59:00 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job

[2012.10.04 10:14:44 | 000,002,478 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk

[2012.10.04 10:13:00 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job

[2012.10.04 10:07:05 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat

[2012.10.04 10:07:05 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat

[2012.10.03 23:20:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.10.03 22:28:15 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk

[2012.10.03 21:37:44 | 000,076,359 | ---- | M] () -- C:\ProgramData\lllzwmpyjsqgsyt

[2012.10.03 21:37:39 | 000,105,984 | ---- | M] () -- C:\ProgramData\bgbotadh.exe

[2012.10.02 18:26:57 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012.10.02 18:26:57 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2012.10.02 18:26:57 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012.10.02 18:26:57 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2012.10.02 18:26:57 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012.10.01 11:41:58 | 624,797,340 | ---- | M] () -- C:\windows\MEMORY.DMP

[2012.09.27 11:33:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.10.04 17:01:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable

[2012.10.04 16:32:51 | 000,000,408 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job

[2012.10.03 23:20:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.03 22:28:15 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk

[2012.10.03 21:37:43 | 000,105,984 | ---- | C] () -- C:\ProgramData\bgbotadh.exe

[2012.10.03 21:37:40 | 000,076,359 | ---- | C] () -- C:\ProgramData\lllzwmpyjsqgsyt

[2012.09.27 11:33:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.23 12:13:50 | 624,797,340 | ---- | C] () -- C:\windows\MEMORY.DMP

[2012.07.18 23:05:05 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad

[2012.07.15 10:30:32 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg

[2012.07.14 16:49:10 | 000,006,631 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.freeciv-client-rc-2.3

[2012.04.12 09:05:36 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat

[2011.06.24 16:04:23 | 000,000,218 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel

[2011.06.22 18:20:24 | 000,000,200 | ---- | C] () -- C:\Users\Jan\Goya.ini

[2011.06.22 18:19:59 | 000,000,046 | ---- | C] () -- C:\windows\Goya.INI

[2011.06.19 11:40:22 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\AV32UID.DAT

[2011.06.18 23:07:11 | 000,000,000 | ---- | C] () -- C:\windows\MusicMaker.INI

[2011.06.18 21:48:08 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv07.dll

[2011.06.18 21:27:56 | 000,010,240 | ---- | C] () -- C:\windows\SysWow64\vidx16.dll

[2011.06.18 21:25:39 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\mgxasio2.dll

[2011.06.18 21:18:50 | 000,006,537 | ---- | C] () -- C:\windows\mgxoschk.ini

[2011.05.15 19:26:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011.04.20 17:31:59 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat

[2011.04.20 17:31:59 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat

[2011.03.23 22:58:03 | 001,527,912 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2011.03.03 19:51:07 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini

[2011.02.26 15:52:36 | 000,000,783 | ---- | C] () -- C:\ProgramData\profile.xml

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.07.14 14:32:06 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Ad-Aware Antivirus

[2012.01.03 16:51:56 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\AllDup

[2011.09.16 12:03:54 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Amazon

[2011.02.26 15:52:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\ArcSyncConfig

[2011.02.26 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Canneverbe Limited

[2012.07.14 13:27:42 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Dropbox

[2012.01.21 18:38:58 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft

[2012.01.21 18:38:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.07.08 18:29:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\elsterformular

[2011.08.19 20:41:40 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\GARMIN

[2011.06.24 16:03:58 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\gtk-2.0

[2011.02.26 16:48:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\KeePass

[2011.02.26 15:54:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Lenovo

[2011.06.22 18:32:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\MAGIX

[2011.12.04 19:25:10 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenCandy

[2012.06.19 16:31:42 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\SoftGrid Client

[2012.10.03 22:28:18 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator

[2011.03.23 22:58:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TP

 
 ========== Purity Check ==========

 

 
 

< End of report >

--- --- ---

Oh super lieber Matthias - herzlichen Dank daß Du da bist. :abklatsch:
Wo finde ich nun die zweite Datei Extra.txt ? Das Tool hast sich von selbst geschlossen...

Sorry da war noch ein Fenster dahinter:OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 04.10.2012 17:48:45 - Run 1

OTL by OldTimer - Version 3.2.70.2     Folder = C:\Users\Jan\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,93 Gb Total Physical Memory | 3,89 Gb Available Physical Memory | 65,52% Memory free

11,87 Gb Paging File | 9,73 Gb Available in Paging File | 81,99% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 550,62 Gb Total Space | 228,88 Gb Free Space | 41,57% Space Free | Partition Type: NTFS

Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS

 

Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Unable to open value key

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Unable to open value key

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Unable to open value key

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Unable to open value key

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Unable to open value key

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Unable to open value key

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06A2CD4C-191D-42EA-BA2A-081754EE1912}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{1B56E26A-B4B4-49DF-8D5C-195429BF46BD}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{278C55FC-930C-4F9D-B6E3-E7E13B7DEEE6}" = rport=137 | protocol=17 | dir=out | app=system | 

"{2E2D2420-E602-4667-AC7F-FCC1C6291925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{3129F9FD-38DD-4CDB-87AD-B4783D12875D}" = rport=138 | protocol=17 | dir=out | app=system | 

"{3938C8DA-8829-48D2-9CB6-81C3D18F35AB}" = lport=137 | protocol=17 | dir=in | app=system | 

"{3993FB93-D958-435F-B2A0-C35F109B4F01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{3AA82262-21BF-458E-80AE-6A8D264A9DDC}" = lport=138 | protocol=17 | dir=in | app=system | 

"{4CD838BB-EE10-4885-BBF7-240D670E8242}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{590D2B42-3033-4C31-A66A-2BDE1474810A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 

"{5C273F80-189E-43BA-AF34-0F4348F75450}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{5E31F651-729A-46C9-BB97-4EF6019D7394}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{6D1977F5-5C72-46A3-A606-C6340DEDC4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{84F86885-C7B5-4E04-91F8-94BB5BCFE897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{854532CF-836C-4100-9281-7A77CCB6D14A}" = lport=445 | protocol=6 | dir=in | app=system | 

"{9327EE23-189C-48ED-85A3-9C9DB1E761F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{A1560F0C-EC8B-40DA-A9A3-05CE38A2F860}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{A57B87DE-8B48-4BB4-ADE2-DFB9060F5183}" = rport=139 | protocol=6 | dir=out | app=system | 

"{A76805BB-2FEE-4A4A-A234-273BF4909ABC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{A91BAE25-F6C0-4A9B-B21D-BB519D7356CC}" = lport=139 | protocol=6 | dir=in | app=system | 

"{B89C10B2-2B0F-4DB8-B001-70A9430BA00A}" = rport=445 | protocol=6 | dir=out | app=system | 

"{C046CBCE-8B18-4C78-B6FD-932243D0E9B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{CB5CA2D1-9276-45AE-9A0E-4BC819D57DBB}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{D3BD9A0E-DB26-47DE-B578-883DF2DDE38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D9032A42-DB3B-4322-AD2C-536034D7F228}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{E08B3DB6-489E-41F6-9740-D2D5299C0821}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{EBA599D9-8F5A-450D-A2D0-DEF68C5EFEF6}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{F8149C99-94F7-460E-A259-75A99AC7AEB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{015CE07C-CCB0-4E36-944A-14DE97EEC01C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{03472033-611F-4767-AE3E-DCC526E80553}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\playmovie.exe | 

"{0782ED6F-9AC4-42A0-A2F7-FE8F7481306E}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"{16AD594F-BF4B-424C-9079-78C0449DDCBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{326370D1-EBF1-440A-977C-A3BDCFD77434}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{3C678971-6775-441B-AD4E-AEAA456A0426}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{41E15F97-3AC3-41F3-A16C-6735EA1FA611}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{49B5C86E-AACF-45F0-B4E6-9C4E45AEE617}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{4EC451FE-F92C-41D9-AAF3-C31E755399D7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{4EDA282F-C97D-43AF-BF8A-0E27155E84F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{524BCCD2-5B31-4DD4-866D-BE81EFBC5F6D}" = dir=in | app=c:\windows\system32\igrssvcs.exe | 

"{55DF5AE8-D02C-4A45-91EA-207374D433FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{5639874F-D477-42A2-92C8-6CB906373A96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{5E2B415C-BC45-440D-AC0F-BD9E60A6CA7E}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"{65A9B5B8-B818-48C1-AD80-FDB0B2FD0C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{65B99C60-96DD-4C30-A6C0-CD62646CB663}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{6648B268-6853-4028-98A5-217158849B24}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{67B5FA16-E18C-41BF-81B1-9289DBE457C8}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe | 

"{712848A1-5DAD-4C3D-B716-FAC29A491BB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{743D4E2D-94F9-4DFF-A1D3-E613508EB7C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{7566229C-13DC-480A-8D0C-75612CB577FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{78E6A186-9F79-404E-9BB6-C29A93591D3E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{7CC40C5E-75C0-4BDF-9EAE-B4AD3FA1DA39}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{7D4F8BDE-D008-41B6-9D80-A7896F6C9CC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{7D760158-9944-4C32-AE23-88464B4594E5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8330347D-DD07-4EAA-B2E0-2B4DABD42C50}" = dir=out | app=c:\windows\system32\igrssvcs.exe | 

"{86F169F7-5652-443F-88E3-B8384C5A7003}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{88B2B54B-8604-4E85-9621-38804469188E}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{8C41C7A8-8C8A-4BEC-8B3D-F05EB937F1D9}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{8C7D3D97-E73E-4C59-9576-64F659D396A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{92B01DD7-846A-4059-A5ED-B195CA7832ED}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{97AA661E-C2F1-49CF-9878-A946CF973D85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{97FDBA51-C4FE-4463-B2A5-273B85EAA0A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{9C8E10AC-9BE6-43BB-8145-BD7A76721ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{9D4FB561-4C4C-4950-B4AC-2E6CB53BA479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{ABEF77FD-802A-40C6-9305-C053D4EFD129}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{AE9C0479-4301-4A2C-9E57-B40927E1AB0B}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{B3B6AA24-0B74-4DB3-BFFC-D93B1D2B89A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{BA917D03-7EA3-4CFC-9A1A-FFCE3EC0C322}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{BAFDF678-CD36-4C9E-956E-C53285F85DEB}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe | 

"{BEF600C0-8EF5-4292-993F-EB6958633647}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\pmvservice.exe | 

"{C6472E23-9528-4D20-8396-4349A7C62598}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{C840818B-6022-483B-84CF-6B8E27EB48D5}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe | 

"{CA34795B-1985-4CB4-A848-C916DC83243C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{CC60A25C-B73B-48CB-A912-99D525264568}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{D3175696-A7A9-462A-B5EA-970E896B5BA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{D515B09D-C7EA-45B0-8A06-891AE6B85E19}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe | 

"{DC81BE8C-BE00-4A3E-A4D5-DC4ADAF608EC}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{E0A1797F-B59D-4FA9-950F-E35863FDE2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E86F62AE-4AB1-4C15-BB7E-3E84A35D2AB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{E92A6133-30B1-47AB-B264-767D30E5CBC4}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | 

"{EC8F43CE-303D-4517-93D1-C0C954FD0629}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{EE35BF52-DBD2-40F4-BE63-A658C33F2316}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"{F009F8E5-0B14-43B0-9BB8-97FF822AB6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{F23B3ABC-E5FA-467B-BC96-9A8C14EE2963}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{FA409F6A-DD32-4C27-B433-F26468324CB2}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"{FD902B70-3F0F-4090-ABE3-56845EDDC540}" = protocol=6 | dir=out | app=system | 

"TCP Query User{0CCC8848-D238-4711-8878-E2422C09AC58}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"TCP Query User{17119520-1254-429B-8E93-FB4C2307E95C}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=6 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe | 

"TCP Query User{31EA19B2-2240-4592-87BF-7701081B1873}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"TCP Query User{32212F9C-2A40-465F-A786-41F5C38544FA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"TCP Query User{3604CFB1-D7C8-40A2-993B-B7230BEB47F3}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe | 

"TCP Query User{36212708-32F3-485E-A246-2A7F1283634A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"TCP Query User{5C6DD1B1-2755-44DC-9807-7A9B5752B115}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"TCP Query User{6B2BA6D8-4751-400B-82AD-D4A7B478F32B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"TCP Query User{D41AE055-D140-4567-9956-B780FD980510}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 

"UDP Query User{175BD25B-3E7C-405D-88A1-3AEAAF56CCEB}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"UDP Query User{6C8237C5-088B-49E3-95D5-BAABA1D0245F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 

"UDP Query User{79366E6A-F8B2-4436-9812-D18F6B8904C6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"UDP Query User{89A77771-4F8C-418C-99D9-DC0C77EDC526}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe | 

"UDP Query User{A2232FFC-1341-44E2-A9DE-E37AD6997372}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"UDP Query User{A2BAEE41-242E-4C17-B224-A308BF99E51F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"UDP Query User{C4B0298C-C8F2-4C24-95F2-0DBADDFD0CC3}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=17 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe | 

"UDP Query User{CBEF827F-644D-4C82-974F-4BF1F8EC2E0F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{D20BFE61-B8DA-421D-A143-E851B9C96060}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support

"{793C0787-9638-9FCA-E424-D30FB5E5A752}" = ATI Catalyst Install Manager

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010

"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software

"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C0DD912A-04BB-7012-EDC7-7D550893437E}" = ccc-utility64

"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)

"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)

"CCleaner" = CCleaner

"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA  (07/16/2009 6.14.10.373)

"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{03AF6BF4-D234-1D9C-ED0F-568354B2A852}" = Catalyst Control Center Core Implementation

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)

"{06FF834F-B3A1-8329-B228-EE357A584D70}" = CCC Help Greek

"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11

"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version

"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management

"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{1226C38C-55A1-FDC4-CF37-2D5681173B34}" = CCC Help Finnish

"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5

"{19B084B8-8B95-9D62-A855-EBD890711489}" = Catalyst Control Center Graphics Light

"{1C98779A-56B1-AB70-0059-E6378B24EA66}" = CCC Help Korean

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{212D3D92-9FCC-EDDA-FFE4-426FE49030C5}" = Catalyst Control Center Graphics Full New

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010

"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver

"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync

"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic

"{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1" = 2weistein

"{330EBB01-9183-F56F-F9C9-CA20DD078234}" = CCC Help Hungarian

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)

"{3B233580-C1A3-B02F-93FC-48AC12905962}" = Catalyst Control Center InstallProxy

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{3F7F9151-03DF-AA1E-6E2A-5FF7887F2FC7}" = CCC Help French

"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11

"{444D37B2-074E-5691-2B45-C02798972D32}" = CCC Help Chinese Traditional

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium

"{4E9DC986-7FC9-36BD-3C72-1B516F4F56C8}" = CCC Help Thai

"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)

"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012

"{575B376D-0FDB-6046-4A04-9AD21BA578E4}" = CCC Help Polish

"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)

"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding

"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3

"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{676482CF-ACEC-2EC6-29DE-BE3EB6AD829A}" = CCC Help Italian

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7388E582-8139-0498-7D38-98CE054A5553}" = CCC Help Norwegian

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7865FE7A-60F5-9909-1E82-758B2F7F214B}" = Catalyst Control Center Graphics Previews Vista

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime

"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2

"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11

"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{8708B14E-C6E7-0069-2FCE-80DD0D99E8AF}" = CCC Help Turkish

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{9453ED84-747C-DCB4-03D3-8D6DDB7D37AA}" = CCC Help Chinese Standard

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11

"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1

"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples

"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie

"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11

"{AB47C549-E7D0-0093-2213-CDE2F49ED170}" = CCC Help Portuguese

"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts

"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1

"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)

"{BB7DF440-DD8D-805A-2692-B196282338B9}" = CCC Help Spanish

"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{C01D45AF-5BB5-085E-66BD-809952B65E29}" = CCC Help Czech

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari

"{C818D1A1-0E4E-354D-AD70-7A026585DE80}" = CCC Help Russian

"{CBE7C598-6525-54B3-7BAB-1C0FD28CB58A}" = CCC Help German

"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFE383C3-6877-AD3C-14CC-F6F1EBA3468B}" = CCC Help English

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar

"{DB6F1190-E0EE-4037-2B18-3E60D2D4C68D}" = Catalyst Control Center Graphics Full Existing

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{DF24EF87-0BDA-D8E7-71C0-AAAE928317DF}" = CCC Help Dutch

"{DFA154FD-9089-4E90-1236-E2BD6741B256}" = CCC Help Swedish

"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater

"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11

"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic

"{E52F8D95-AEB5-3B67-879C-C59DF8AF88EE}" = Google Talk Plugin

"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi

"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)

"{ED731DBB-37A3-54A3-3288-5A8A189BBE93}" = ccc-core-static

"{EDC5A04C-27E3-F9A1-C225-E826890A4CE7}" = CCC Help Japanese

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F18357C8-C4D9-718C-65F4-98227EDF00D9}" = Catalyst Control Center Localization All

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F335B24B-0159-3C5D-DCCE-0E2ECD625166}" = CCC Help Danish

"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples

"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic

"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171

"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)

"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11

"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008

"Ad-Aware" = Ad-Aware

"adawaretb" = Ad-Aware Security Add-on

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player

"AllDup_is1" = AllDup 3.3.20

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9

"ASIO4ALL" = ASIO4ALL

"avast" = avast! Free Antivirus

"ElsterFormular 13.2.0.8623p" = ElsterFormular

"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender

"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner

"F-Manager" = Fiesta Download Manager

"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228

"Freeciv-2.3.1-gtk2" = Freeciv 2.3.1 (GTK+ client)

"GMX Upload-Manager" = GMX Upload-Manager

"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"Karlsson" = Karlsson

"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.14

"Lenovo SlideNav2" = Lenovo SlideNav

"Lenovo SplitScreen" = Lenovo SplitScreen

"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium

"MAGIX Screenshare D" = MAGIX Screenshare

"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400

"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"OpenAL" = OpenAL

"SopCast" = SopCast 3.3.2

"Unknown Horizons" = Unknown Horizons

"VLC media player" = VLC media player 1.1.7

"WinLiveSuite" = Windows Live Essentials

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 30.09.2012 13:00:02 | Computer Name = superhirn | Source = Windows Backup | ID = 4103

Description = 

 

Error - 30.09.2012 16:18:08 | Computer Name = superhirn | Source = Application Hang | ID = 1002

Description = Programm hardcopy.exe, Version 2011.7.2.0 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 780    Startzeit: 

01cd9f486b0e9e45    Endzeit: 15    Anwendungspfad: C:\Program Files (x86)\Hardcopy\hardcopy.exe
 

Berichts-ID:

 e5fab153-0b3b-11e2-a821-c80aa9f6e46e  

 

Error - 01.10.2012 16:14:34 | Computer Name = superhirn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,

 Zeitstempel: 0x503723f6  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften

 Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: unknown  Berichtskennung: 9d8e1df8-0c04-11e2-9212-c80aa9f6e46e

 

Error - 01.10.2012 16:14:37 | Computer Name = superhirn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,

 Zeitstempel: 0x503723f6  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,

 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000028  Fehleroffset: 0x0009087d  ID des fehlerhaften

 Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll  Berichtskennung: 9f496906-0c04-11e2-9212-c80aa9f6e46e

 

Error - 03.10.2012 11:38:16 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0

Description = 

 

Error - 03.10.2012 20:15:40 | Computer Name = superhirn | Source = SideBySide | ID = 16842827

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-

 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"

 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

 

Error - 03.10.2012 20:19:25 | Computer Name = superhirn | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\Nero\Nero 11\nero recode\NeroBRServer.exe.Manifest".  Die abhängige Assemblierung

 "ACME,processorArchitecture="x86",type="win32",version="11.0.0.0"" konnte nicht

 gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

 

Error - 03.10.2012 20:20:11 | Computer Name = superhirn | Source = SideBySide | ID = 16842787

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\Nero\Nero 11\nero waveeditor\NMDllHost.exe.Manifest". Fehler in Manifest-

 oder Richtliniendatei "c:\program files (x86)\Nero\Nero 11\nero waveeditor\SMC\SMC.MANIFEST"

 in Zeile  3.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der

 angeforderten Komponente überein.  Verweis: SMC,processorArchitecture="x86",type="win32",version="8.1.0.0".

Definition:

 SMC,processorArchitecture="x86",type="win32",version="8.0.0.0".  Verwenden Sie das

 Programm "sxstrace.exe" für eine detaillierte Diagnose.

 

Error - 04.10.2012 04:07:23 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0

Description = 

 

Error - 04.10.2012 04:25:07 | Computer Name = superhirn | Source = MsiInstaller | ID = 11706

Description = 

 

[ Media Center Events ]

Error - 09.09.2012 17:12:42 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 23:12:42 - Fehler beim Herstellen der Internetverbindung.  23:12:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 17:12:52 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 23:12:47 - Fehler beim Herstellen der Internetverbindung.  23:12:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 18:12:57 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 00:12:57 - Fehler beim Herstellen der Internetverbindung.  00:12:57 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 18:13:07 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 00:13:02 - Fehler beim Herstellen der Internetverbindung.  00:13:02 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 19:13:12 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 01:13:12 - Fehler beim Herstellen der Internetverbindung.  01:13:12 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 19:13:22 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 01:13:17 - Fehler beim Herstellen der Internetverbindung.  01:13:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 01:35:50 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 07:35:47 - Fehler beim Herstellen der Internetverbindung.  07:35:50 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 02:21:53 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 07:36:01 - Fehler beim Herstellen der Internetverbindung.  07:36:01 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 03:21:41 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 09:21:40 - Fehler beim Herstellen der Internetverbindung.  09:21:41 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 03:21:59 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 09:21:46 - Fehler beim Herstellen der Internetverbindung.  09:21:46 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 04.10.2012 05:18:16 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:18:16 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:18:16 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016

Description = 

 

Error - 04.10.2012 10:32:59 | Computer Name = superhirn | Source = Service Control Manager | ID = 7026

Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:

   acedrv07

 

Error - 04.10.2012 10:35:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7000

Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

 

< End of report >

--- --- ---

Servus,

ich brauche noch mehr Informationen, da du die Suche mit deinem OTL-Scan eingeschränkt hast. Alle Anweisungen genau lesen!
So gehts weiter:

Schritt 1
Ich sehe das Du sogenannte Registry Cleaner am System hast.
In deinem Fall CCleaner und Eusing Free Registry Cleaner.

Wir empfehlen auf keinen Fall jegliche Art von Registry Cleaner.

Der Grund ist ganz einfach:

Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr booted.

Wie soll der Cleaner zu 100% wissen ob der Eintrag benötigt wird oder nicht ?
Es ist vollkommen egal ob ein paar verwaiste Registry Einträge am System sind oder nicht.
Auch die dauernd angepriesene Beschleunigung des Systems ist nur bedingt wahr. Du würdest es nicht merken.

Ein sogenanntes False Positive von einem Cleaner kann auch dein System unbootbar machen.
Zerstörst Du die Registry, zerstörst Du Windows.

Ich empfehle Dir hiermit die oben genannte Software zu deinstallieren und in Zukunft auf solche Art von Software zu verzichten.

Schritt 2

Folge folgendem Pfad: Start -> Systemsteuerung -> Programme deinstallieren
Suche in der Liste Software mit dem folgenden Namen
- Ask Toolbar
- Fiesta Download Manager
und deinstalliere das Programm.
Solltest du am Ende der Deinstallation zu einem Neustart aufgefordert werden, so führe diesen durch.

Schritt 3

Starte bitte die OTL.exe.
Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Standard Ausgabe.
Setze einen Haken bei Scanne alle Benutzer.
Unter Extra Registry, wähle bitte Use SafeList.
Kopiere nun den Inhalt aus der Codebox in die http://larusso.trojaner-board.de/Images/otlfix.jpg Textbox.

Code:

activex

netsvcs

msconfig

drivers32

safebootminimal

safebootnetwork

CREATERESTOREPOINT

Schließe bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Scan Button.
Am Ende des Suchlaufs werden 2 Logdateien erstellt.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Schritt 4
Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.

Starte das Tool mit Doppelklick.
Vista und Win7 User mit Rechtsklick "als Administrator starten".
Klicke nun auf den Disable Button, um die Treiber gewisser Emulatoren zu deaktivieren.
Wenn der Scan beendet wurde ( Finished ), klicke auf OK.
Defogger fordert gegebenfalls zum Neustart auf. Bestätige dies mit OK.

Sollte Defogger eine Fehlermeldung ausgeben, poste bitte die defogger_disable Log von deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung.

Schritt 5
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Nein.
Klicke auf Scan
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Schritt 6
Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die beiden Logdateien von OTL,
die Logdatei von aswMBR,
die Logdatei von TDSSKiller.

Herzlichen Dank lieber M-K-D-B :party:

1. Schritt - registry cleaner gelöscht (wie löscht man dann all die windows temp Dateien die im Laufe der Zeit so auflaufen ... sind manchmal Gb?)
2. Schritt - den Sopcast Ask Toolbar konnte ich nicht löschen ... falsch installiert?
3. Schritt hier kommen nun die OTL Dateien:OTL Logfile:

Code:

OTL logfile created on: 05.10.2012 10:56:38 - Run 2

OTL by OldTimer - Version 3.2.70.2     Folder = C:\Users\Jan\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,93 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 85,66% Memory free

11,87 Gb Paging File | 11,09 Gb Available in Paging File | 93,49% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 550,62 Gb Total Space | 228,93 Gb Free Space | 41,58% Space Free | Partition Type: NTFS

Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS

 

Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

PRC - [2012.09.23 10:50:14 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited                                                  ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2011.06.22 11:59:04 | 001,101,960 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2010.05.05 17:25:52 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited                                                  ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2012.09.07 01:57:38 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Stopped] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)

SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.07.12 11:04:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)

SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)

SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011.07.22 15:26:40 | 000,690,472 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.12 18:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009.12.30 08:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service)

SRV - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009.11.17 17:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV - [2009.07.16 20:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009.07.15 07:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009.07.15 07:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)

DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.11.16 19:18:56 | 000,199,752 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\SysNative\drivers\uigxrdr.SYS -- (uigxrdr)

DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.19 17:02:25 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.03 12:47:01 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010.05.05 18:06:04 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)

DRV:64bit: - [2010.05.05 16:31:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010.05.03 13:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.03.26 09:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.02.05 19:20:32 | 000,056,688 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo)

DRV:64bit: - [2010.02.05 18:51:30 | 000,031,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2)

DRV:64bit: - [2010.02.05 17:23:40 | 000,017,904 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)

DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)

DRV:64bit: - [2010.01.15 02:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2010.01.15 02:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2010.01.15 02:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009.12.14 10:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009.11.20 17:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009.11.06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2009.10.16 05:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009.07.16 04:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2008.08.06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2010.01.21 20:05:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/12 13:15:18] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=FCF7DA51-8231-4B97-B14E-D52AA13A310E&apn_sauid=5901B2D2-58E6-4B6B-A8A1-B9D637A0E3DD

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms}

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

 

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.com/

CHR - default_search_provider: blekko (Enabled)

CHR - default_search_provider: search_url = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms}

CHR - default_search_provider: suggest_url = 

CHR - homepage: hxxp://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll

CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: avast! WebRep = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)

O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)

O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo)

O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo)

O4 - HKLM..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe (Lenovo)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mia.bt.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Unable to open value key)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06722159-FF20-46B1-A2BD-3AD4D81DC868}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FA392A3-8BFA-441B-86A4-155291E091C8}: DhcpNameServer = 60.2.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2

ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

 

MsConfig:64bit - StartUpFolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)

MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: KeePass 2 PreLoad - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)

MsConfig:64bit - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)

MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig:64bit - StartUpReg: VeriFaceManager - hkey= - key= -  File not found

MsConfig:64bit - State: "bootini" - Reg Error: Unable to open variant key

MsConfig:64bit - State: "startup" - Reg Error: Unable to open variant key

MsConfig:64bit - State: "services" - Reg Error: Unable to open variant key

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: mcmscsvc - Service

SafeBootMin:64bit: MCODS - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited                                                  )

SafeBootMin: mcmscsvc - Service

SafeBootMin: MCODS - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: mcmscsvc - Service

SafeBootNet:64bit: MCODS - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: MpfService - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited                                                  )

SafeBootNet: mcmscsvc - Service

SafeBootNet: MCODS - Service

SafeBootNet: Messenger - Service

SafeBootNet: MpfService - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

CREATERESTOREPOINT

Unable to start System Restore Service. Error code 1084

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.04 17:02:28 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

[2012.10.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\{D3BD5893-9AC7-48E4-8652-CCEBDD14425B}

[2012.10.04 10:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\adawarebp

[2012.10.04 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LavasoftStatistics

[2012.10.04 10:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars

[2012.10.04 10:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb

[2012.10.03 23:20:35 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2012.10.03 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.03 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.03 23:20:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2012.10.03 23:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.03 22:28:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator

[2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator

[2012.10.03 22:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012

[2012.10.03 22:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator

[2012.10.03 21:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\klbufxxvvhtvhnf

[2012.09.27 11:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

[2012.09.27 11:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.09.27 11:33:39 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys

[2012.09.27 11:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2012.09.23 10:53:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2012.09.23 10:53:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2012.09.23 10:53:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll

[2012.09.23 10:53:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll

[2012.09.23 10:53:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe

[2012.09.23 10:53:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe

[2012.09.23 10:53:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll

[2012.09.23 10:53:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll

[2012.09.23 10:53:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl

[2012.09.23 10:53:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl

[2012.09.23 10:53:03 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2012.09.23 10:53:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll

[2012.09.23 10:53:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2012.09.23 10:53:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll

[2012.09.23 10:52:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2012.09.13 22:40:35 | 009,232,584 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe

[2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2012.09.12 11:15:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys

[2012.09.12 11:15:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.05 10:30:50 | 000,000,408 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job

[2012.10.05 10:30:31 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat

[2012.10.05 10:30:24 | 483,835,903 | -HS- | M] () -- C:\hiberfil.sys

[2012.10.04 21:40:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012.10.04 21:37:01 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.04 21:13:00 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job

[2012.10.04 20:59:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job

[2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

[2012.10.04 17:01:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable

[2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Desktop\Defogger.exe

[2012.10.04 16:43:46 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.04 10:59:00 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job

[2012.10.04 10:14:44 | 000,002,478 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk

[2012.10.04 10:13:00 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job

[2012.10.04 10:07:05 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat

[2012.10.04 10:07:05 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat

[2012.10.03 23:20:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.10.03 22:28:15 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk

[2012.10.03 21:37:44 | 000,076,359 | ---- | M] () -- C:\ProgramData\lllzwmpyjsqgsyt

[2012.10.03 21:37:39 | 000,105,984 | ---- | M] () -- C:\ProgramData\bgbotadh.exe

[2012.10.02 18:26:57 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012.10.02 18:26:57 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2012.10.02 18:26:57 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012.10.02 18:26:57 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2012.10.02 18:26:57 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012.10.01 11:41:58 | 624,797,340 | ---- | M] () -- C:\windows\MEMORY.DMP

[2012.09.27 11:33:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.13 22:40:44 | 009,232,584 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe

[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.10.05 10:46:34 | 000,050,477 | ---- | C] () -- C:\Users\Jan\Desktop\Defogger.exe

[2012.10.04 17:01:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable

[2012.10.04 16:32:51 | 000,000,408 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job

[2012.10.03 23:20:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.03 22:28:15 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk

[2012.10.03 21:37:43 | 000,105,984 | ---- | C] () -- C:\ProgramData\bgbotadh.exe

[2012.10.03 21:37:40 | 000,076,359 | ---- | C] () -- C:\ProgramData\lllzwmpyjsqgsyt

[2012.09.27 11:33:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.23 12:13:50 | 624,797,340 | ---- | C] () -- C:\windows\MEMORY.DMP

[2012.07.18 23:05:05 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad

[2012.07.15 10:30:32 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg

[2012.07.14 16:49:10 | 000,006,631 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.freeciv-client-rc-2.3

[2012.04.12 09:05:36 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat

[2011.06.24 16:04:23 | 000,000,218 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel

[2011.06.22 18:20:24 | 000,000,200 | ---- | C] () -- C:\Users\Jan\Goya.ini

[2011.06.22 18:19:59 | 000,000,046 | ---- | C] () -- C:\windows\Goya.INI

[2011.06.19 11:40:22 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\AV32UID.DAT

[2011.06.18 23:07:11 | 000,000,000 | ---- | C] () -- C:\windows\MusicMaker.INI

[2011.06.18 21:48:08 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv07.dll

[2011.06.18 21:27:56 | 000,010,240 | ---- | C] () -- C:\windows\SysWow64\vidx16.dll

[2011.06.18 21:25:39 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\mgxasio2.dll

[2011.06.18 21:18:50 | 000,006,537 | ---- | C] () -- C:\windows\mgxoschk.ini

[2011.05.15 19:26:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011.04.20 17:31:59 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat

[2011.04.20 17:31:59 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat

[2011.03.23 22:58:03 | 001,527,912 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2011.03.03 19:51:07 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini

[2011.02.26 15:52:36 | 000,000,783 | ---- | C] () -- C:\ProgramData\profile.xml

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 

< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 05.10.2012 10:56:38 - Run 2

OTL by OldTimer - Version 3.2.70.2     Folder = C:\Users\Jan\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,93 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 85,66% Memory free

11,87 Gb Paging File | 11,09 Gb Available in Paging File | 93,49% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 550,62 Gb Total Space | 228,93 Gb Free Space | 41,58% Space Free | Partition Type: NTFS

Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS

 

Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Unable to open value key

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Unable to open value key

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Unable to open value key

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Unable to open value key

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Unable to open value key

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Unable to open value key

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06A2CD4C-191D-42EA-BA2A-081754EE1912}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{1B56E26A-B4B4-49DF-8D5C-195429BF46BD}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{278C55FC-930C-4F9D-B6E3-E7E13B7DEEE6}" = rport=137 | protocol=17 | dir=out | app=system | 

"{2E2D2420-E602-4667-AC7F-FCC1C6291925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{3129F9FD-38DD-4CDB-87AD-B4783D12875D}" = rport=138 | protocol=17 | dir=out | app=system | 

"{3938C8DA-8829-48D2-9CB6-81C3D18F35AB}" = lport=137 | protocol=17 | dir=in | app=system | 

"{3993FB93-D958-435F-B2A0-C35F109B4F01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{3AA82262-21BF-458E-80AE-6A8D264A9DDC}" = lport=138 | protocol=17 | dir=in | app=system | 

"{4CD838BB-EE10-4885-BBF7-240D670E8242}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{590D2B42-3033-4C31-A66A-2BDE1474810A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 

"{5C273F80-189E-43BA-AF34-0F4348F75450}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{5E31F651-729A-46C9-BB97-4EF6019D7394}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{6D1977F5-5C72-46A3-A606-C6340DEDC4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{84F86885-C7B5-4E04-91F8-94BB5BCFE897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{854532CF-836C-4100-9281-7A77CCB6D14A}" = lport=445 | protocol=6 | dir=in | app=system | 

"{9327EE23-189C-48ED-85A3-9C9DB1E761F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{A1560F0C-EC8B-40DA-A9A3-05CE38A2F860}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{A57B87DE-8B48-4BB4-ADE2-DFB9060F5183}" = rport=139 | protocol=6 | dir=out | app=system | 

"{A76805BB-2FEE-4A4A-A234-273BF4909ABC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{A91BAE25-F6C0-4A9B-B21D-BB519D7356CC}" = lport=139 | protocol=6 | dir=in | app=system | 

"{B89C10B2-2B0F-4DB8-B001-70A9430BA00A}" = rport=445 | protocol=6 | dir=out | app=system | 

"{C046CBCE-8B18-4C78-B6FD-932243D0E9B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{CB5CA2D1-9276-45AE-9A0E-4BC819D57DBB}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{D3BD9A0E-DB26-47DE-B578-883DF2DDE38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D9032A42-DB3B-4322-AD2C-536034D7F228}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{E08B3DB6-489E-41F6-9740-D2D5299C0821}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{EBA599D9-8F5A-450D-A2D0-DEF68C5EFEF6}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{F8149C99-94F7-460E-A259-75A99AC7AEB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{015CE07C-CCB0-4E36-944A-14DE97EEC01C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{03472033-611F-4767-AE3E-DCC526E80553}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\playmovie.exe | 

"{0782ED6F-9AC4-42A0-A2F7-FE8F7481306E}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"{16AD594F-BF4B-424C-9079-78C0449DDCBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{326370D1-EBF1-440A-977C-A3BDCFD77434}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{3C678971-6775-441B-AD4E-AEAA456A0426}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{41E15F97-3AC3-41F3-A16C-6735EA1FA611}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{49B5C86E-AACF-45F0-B4E6-9C4E45AEE617}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{4EC451FE-F92C-41D9-AAF3-C31E755399D7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{4EDA282F-C97D-43AF-BF8A-0E27155E84F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{524BCCD2-5B31-4DD4-866D-BE81EFBC5F6D}" = dir=in | app=c:\windows\system32\igrssvcs.exe | 

"{55DF5AE8-D02C-4A45-91EA-207374D433FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{5639874F-D477-42A2-92C8-6CB906373A96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{5E2B415C-BC45-440D-AC0F-BD9E60A6CA7E}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"{65A9B5B8-B818-48C1-AD80-FDB0B2FD0C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{65B99C60-96DD-4C30-A6C0-CD62646CB663}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{6648B268-6853-4028-98A5-217158849B24}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{67B5FA16-E18C-41BF-81B1-9289DBE457C8}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe | 

"{712848A1-5DAD-4C3D-B716-FAC29A491BB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{743D4E2D-94F9-4DFF-A1D3-E613508EB7C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{7566229C-13DC-480A-8D0C-75612CB577FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{78E6A186-9F79-404E-9BB6-C29A93591D3E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{7CC40C5E-75C0-4BDF-9EAE-B4AD3FA1DA39}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{7D4F8BDE-D008-41B6-9D80-A7896F6C9CC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{7D760158-9944-4C32-AE23-88464B4594E5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8330347D-DD07-4EAA-B2E0-2B4DABD42C50}" = dir=out | app=c:\windows\system32\igrssvcs.exe | 

"{86F169F7-5652-443F-88E3-B8384C5A7003}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{88B2B54B-8604-4E85-9621-38804469188E}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{8C41C7A8-8C8A-4BEC-8B3D-F05EB937F1D9}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{8C7D3D97-E73E-4C59-9576-64F659D396A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{92B01DD7-846A-4059-A5ED-B195CA7832ED}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{97AA661E-C2F1-49CF-9878-A946CF973D85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{97FDBA51-C4FE-4463-B2A5-273B85EAA0A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{9C8E10AC-9BE6-43BB-8145-BD7A76721ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{9D4FB561-4C4C-4950-B4AC-2E6CB53BA479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{ABEF77FD-802A-40C6-9305-C053D4EFD129}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{AE9C0479-4301-4A2C-9E57-B40927E1AB0B}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{B3B6AA24-0B74-4DB3-BFFC-D93B1D2B89A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{BA917D03-7EA3-4CFC-9A1A-FFCE3EC0C322}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{BAFDF678-CD36-4C9E-956E-C53285F85DEB}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe | 

"{BEF600C0-8EF5-4292-993F-EB6958633647}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\pmvservice.exe | 

"{C6472E23-9528-4D20-8396-4349A7C62598}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{C840818B-6022-483B-84CF-6B8E27EB48D5}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe | 

"{CA34795B-1985-4CB4-A848-C916DC83243C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{CC60A25C-B73B-48CB-A912-99D525264568}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{D3175696-A7A9-462A-B5EA-970E896B5BA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{D515B09D-C7EA-45B0-8A06-891AE6B85E19}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe | 

"{DC81BE8C-BE00-4A3E-A4D5-DC4ADAF608EC}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{E0A1797F-B59D-4FA9-950F-E35863FDE2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E86F62AE-4AB1-4C15-BB7E-3E84A35D2AB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{E92A6133-30B1-47AB-B264-767D30E5CBC4}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | 

"{EC8F43CE-303D-4517-93D1-C0C954FD0629}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{EE35BF52-DBD2-40F4-BE63-A658C33F2316}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"{F009F8E5-0B14-43B0-9BB8-97FF822AB6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{F23B3ABC-E5FA-467B-BC96-9A8C14EE2963}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{FA409F6A-DD32-4C27-B433-F26468324CB2}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"{FD902B70-3F0F-4090-ABE3-56845EDDC540}" = protocol=6 | dir=out | app=system | 

"TCP Query User{0CCC8848-D238-4711-8878-E2422C09AC58}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"TCP Query User{17119520-1254-429B-8E93-FB4C2307E95C}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=6 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe | 

"TCP Query User{31EA19B2-2240-4592-87BF-7701081B1873}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"TCP Query User{32212F9C-2A40-465F-A786-41F5C38544FA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"TCP Query User{3604CFB1-D7C8-40A2-993B-B7230BEB47F3}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe | 

"TCP Query User{36212708-32F3-485E-A246-2A7F1283634A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"TCP Query User{5C6DD1B1-2755-44DC-9807-7A9B5752B115}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"TCP Query User{6B2BA6D8-4751-400B-82AD-D4A7B478F32B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"TCP Query User{D41AE055-D140-4567-9956-B780FD980510}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 

"UDP Query User{175BD25B-3E7C-405D-88A1-3AEAAF56CCEB}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"UDP Query User{6C8237C5-088B-49E3-95D5-BAABA1D0245F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 

"UDP Query User{79366E6A-F8B2-4436-9812-D18F6B8904C6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"UDP Query User{89A77771-4F8C-418C-99D9-DC0C77EDC526}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe | 

"UDP Query User{A2232FFC-1341-44E2-A9DE-E37AD6997372}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"UDP Query User{A2BAEE41-242E-4C17-B224-A308BF99E51F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"UDP Query User{C4B0298C-C8F2-4C24-95F2-0DBADDFD0CC3}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=17 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe | 

"UDP Query User{CBEF827F-644D-4C82-974F-4BF1F8EC2E0F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{D20BFE61-B8DA-421D-A143-E851B9C96060}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support

"{793C0787-9638-9FCA-E424-D30FB5E5A752}" = ATI Catalyst Install Manager

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010

"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software

"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C0DD912A-04BB-7012-EDC7-7D550893437E}" = ccc-utility64

"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)

"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)

"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA  (07/16/2009 6.14.10.373)

"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{03AF6BF4-D234-1D9C-ED0F-568354B2A852}" = Catalyst Control Center Core Implementation

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)

"{06FF834F-B3A1-8329-B228-EE357A584D70}" = CCC Help Greek

"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11

"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version

"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management

"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{1226C38C-55A1-FDC4-CF37-2D5681173B34}" = CCC Help Finnish

"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5

"{19B084B8-8B95-9D62-A855-EBD890711489}" = Catalyst Control Center Graphics Light

"{1C98779A-56B1-AB70-0059-E6378B24EA66}" = CCC Help Korean

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{212D3D92-9FCC-EDDA-FFE4-426FE49030C5}" = Catalyst Control Center Graphics Full New

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010

"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver

"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync

"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic

"{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1" = 2weistein

"{330EBB01-9183-F56F-F9C9-CA20DD078234}" = CCC Help Hungarian

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)

"{3B233580-C1A3-B02F-93FC-48AC12905962}" = Catalyst Control Center InstallProxy

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{3F7F9151-03DF-AA1E-6E2A-5FF7887F2FC7}" = CCC Help French

"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11

"{444D37B2-074E-5691-2B45-C02798972D32}" = CCC Help Chinese Traditional

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium

"{4E9DC986-7FC9-36BD-3C72-1B516F4F56C8}" = CCC Help Thai

"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)

"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012

"{575B376D-0FDB-6046-4A04-9AD21BA578E4}" = CCC Help Polish

"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)

"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding

"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3

"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{676482CF-ACEC-2EC6-29DE-BE3EB6AD829A}" = CCC Help Italian

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7388E582-8139-0498-7D38-98CE054A5553}" = CCC Help Norwegian

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7865FE7A-60F5-9909-1E82-758B2F7F214B}" = Catalyst Control Center Graphics Previews Vista

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime

"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2

"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11

"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{8708B14E-C6E7-0069-2FCE-80DD0D99E8AF}" = CCC Help Turkish

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{9453ED84-747C-DCB4-03D3-8D6DDB7D37AA}" = CCC Help Chinese Standard

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11

"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1

"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples

"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie

"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11

"{AB47C549-E7D0-0093-2213-CDE2F49ED170}" = CCC Help Portuguese

"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts

"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1

"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)

"{BB7DF440-DD8D-805A-2692-B196282338B9}" = CCC Help Spanish

"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{C01D45AF-5BB5-085E-66BD-809952B65E29}" = CCC Help Czech

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari

"{C818D1A1-0E4E-354D-AD70-7A026585DE80}" = CCC Help Russian

"{CBE7C598-6525-54B3-7BAB-1C0FD28CB58A}" = CCC Help German

"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFE383C3-6877-AD3C-14CC-F6F1EBA3468B}" = CCC Help English

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar

"{DB6F1190-E0EE-4037-2B18-3E60D2D4C68D}" = Catalyst Control Center Graphics Full Existing

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{DF24EF87-0BDA-D8E7-71C0-AAAE928317DF}" = CCC Help Dutch

"{DFA154FD-9089-4E90-1236-E2BD6741B256}" = CCC Help Swedish

"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater

"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11

"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic

"{E52F8D95-AEB5-3B67-879C-C59DF8AF88EE}" = Google Talk Plugin

"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi

"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)

"{ED731DBB-37A3-54A3-3288-5A8A189BBE93}" = ccc-core-static

"{EDC5A04C-27E3-F9A1-C225-E826890A4CE7}" = CCC Help Japanese

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F18357C8-C4D9-718C-65F4-98227EDF00D9}" = Catalyst Control Center Localization All

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F335B24B-0159-3C5D-DCCE-0E2ECD625166}" = CCC Help Danish

"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples

"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic

"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171

"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)

"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11

"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008

"Ad-Aware" = Ad-Aware

"adawaretb" = Ad-Aware Security Add-on

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player

"AllDup_is1" = AllDup 3.3.20

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9

"ASIO4ALL" = ASIO4ALL

"avast" = avast! Free Antivirus

"ElsterFormular 13.2.0.8623p" = ElsterFormular

"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender

"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228

"Freeciv-2.3.1-gtk2" = Freeciv 2.3.1 (GTK+ client)

"GMX Upload-Manager" = GMX Upload-Manager

"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"Karlsson" = Karlsson

"Lenovo SlideNav2" = Lenovo SlideNav

"Lenovo SplitScreen" = Lenovo SplitScreen

"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium

"MAGIX Screenshare D" = MAGIX Screenshare

"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400

"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"OpenAL" = OpenAL

"SopCast" = SopCast 3.3.2

"Unknown Horizons" = Unknown Horizons

"VLC media player" = VLC media player 1.1.7

"WinLiveSuite" = Windows Live Essentials

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 30.09.2012 16:18:08 | Computer Name = superhirn | Source = Application Hang | ID = 1002

Description = Programm hardcopy.exe, Version 2011.7.2.0 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 780    Startzeit: 

01cd9f486b0e9e45    Endzeit: 15    Anwendungspfad: C:\Program Files (x86)\Hardcopy\hardcopy.exe
 

Berichts-ID:

 e5fab153-0b3b-11e2-a821-c80aa9f6e46e  

 

Error - 01.10.2012 16:14:34 | Computer Name = superhirn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,

 Zeitstempel: 0x503723f6  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften

 Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: unknown  Berichtskennung: 9d8e1df8-0c04-11e2-9212-c80aa9f6e46e

 

Error - 01.10.2012 16:14:37 | Computer Name = superhirn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,

 Zeitstempel: 0x503723f6  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,

 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000028  Fehleroffset: 0x0009087d  ID des fehlerhaften

 Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll  Berichtskennung: 9f496906-0c04-11e2-9212-c80aa9f6e46e

 

Error - 03.10.2012 11:38:16 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0

Description = 

 

Error - 03.10.2012 20:15:40 | Computer Name = superhirn | Source = SideBySide | ID = 16842827

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-

 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"

 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

 

Error - 03.10.2012 20:19:25 | Computer Name = superhirn | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\Nero\Nero 11\nero recode\NeroBRServer.exe.Manifest".  Die abhängige Assemblierung

 "ACME,processorArchitecture="x86",type="win32",version="11.0.0.0"" konnte nicht

 gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

 

Error - 03.10.2012 20:20:11 | Computer Name = superhirn | Source = SideBySide | ID = 16842787

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\Nero\Nero 11\nero waveeditor\NMDllHost.exe.Manifest". Fehler in Manifest-

 oder Richtliniendatei "c:\program files (x86)\Nero\Nero 11\nero waveeditor\SMC\SMC.MANIFEST"

 in Zeile  3.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der

 angeforderten Komponente überein.  Verweis: SMC,processorArchitecture="x86",type="win32",version="8.1.0.0".

Definition:

 SMC,processorArchitecture="x86",type="win32",version="8.0.0.0".  Verwenden Sie das

 Programm "sxstrace.exe" für eine detaillierte Diagnose.

 

Error - 04.10.2012 04:07:23 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0

Description = 

 

Error - 04.10.2012 04:25:07 | Computer Name = superhirn | Source = MsiInstaller | ID = 11706

Description = 

 

Error - 05.10.2012 04:39:58 | Computer Name = superhirn | Source = MsiInstaller | ID = 11719

Description = 

 

[ Media Center Events ]

Error - 09.09.2012 17:12:42 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 23:12:42 - Fehler beim Herstellen der Internetverbindung.  23:12:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 17:12:52 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 23:12:47 - Fehler beim Herstellen der Internetverbindung.  23:12:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 18:12:57 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 00:12:57 - Fehler beim Herstellen der Internetverbindung.  00:12:57 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 18:13:07 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 00:13:02 - Fehler beim Herstellen der Internetverbindung.  00:13:02 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 19:13:12 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 01:13:12 - Fehler beim Herstellen der Internetverbindung.  01:13:12 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 19:13:22 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 01:13:17 - Fehler beim Herstellen der Internetverbindung.  01:13:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 01:35:50 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 07:35:47 - Fehler beim Herstellen der Internetverbindung.  07:35:50 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 02:21:53 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 07:36:01 - Fehler beim Herstellen der Internetverbindung.  07:36:01 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 03:21:41 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 09:21:40 - Fehler beim Herstellen der Internetverbindung.  09:21:41 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 03:21:59 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 09:21:46 - Fehler beim Herstellen der Internetverbindung.  09:21:46 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 05.10.2012 05:04:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:06:27 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:06:27 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:06:27 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:06:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:06:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:06:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:08:33 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:08:33 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 05.10.2012 05:08:33 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

 

< End of report >

--- --- ---

4. Schritt Defogger - alles OK
5. Schritt aswMBR - logfile kommt hier:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-05 12:31:02
-----------------------------
12:31:02.874 OS Version: Windows x64 6.1.7601 Service Pack 1
12:31:02.874 Number of processors: 4 586 0x1E05
12:31:02.874 ComputerName: SUPERHIRN UserName: Jan
12:31:04.044 Initialize success
12:31:05.417 AVAST engine defs: 12100400
12:32:29.173 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:32:29.173 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
12:32:29.189 Disk 0 MBR read successfully
12:32:29.189 Disk 0 MBR scan
12:32:29.719 Disk 0 Windows VISTA default MBR code
12:32:29.735 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
12:32:30.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 563840 MB offset 411648
12:32:30.359 Disk 0 Partition - 00 0F Extended LBA 31330 MB offset 1155155968
12:32:30.374 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 1219319808
12:32:30.468 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31329 MB offset 1155158016
12:32:30.874 Disk 0 scanning C:\windows\system32\drivers
12:32:49.219 Service scanning
12:33:18.298 Modules scanning
12:33:18.298 Disk 0 trace - called modules:
12:33:18.313 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:33:18.344 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80073cc060]
12:33:18.344 3 CLASSPNP.SYS[fffff88001ba543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800634e050]
12:33:18.360 Scan finished successfully
12:33:48.312 Disk 0 MBR has been saved successfully to "C:\Users\Jan\Desktop\MBR.dat"
12:33:48.328 The log file has been saved successfully to "C:\Users\Jan\Desktop\aswMBR.txt"

6. Schritt TDSSKiller hat nichts gefunden:

12:37:45.0152 2596 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:37:45.0355 2596 ============================================================
12:37:45.0355 2596 Current date / time: 2012/10/05 12:37:45.0355
12:37:45.0355 2596 SystemInfo:
12:37:45.0355 2596
12:37:45.0355 2596 OS Version: 6.1.7601 ServicePack: 1.0
12:37:45.0355 2596 Product type: Workstation
12:37:45.0355 2596 ComputerName: SUPERHIRN
12:37:45.0355 2596 UserName: Jan
12:37:45.0355 2596 Windows directory: C:\windows
12:37:45.0355 2596 System windows directory: C:\windows
12:37:45.0355 2596 Running under WOW64
12:37:45.0355 2596 Processor architecture: Intel x64
12:37:45.0355 2596 Number of processors: 4
12:37:45.0355 2596 Page size: 0x1000
12:37:45.0355 2596 Boot type: Safe boot with network
12:37:45.0355 2596 ============================================================
12:37:45.0791 2596 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:37:45.0791 2596 ============================================================
12:37:45.0791 2596 \Device\Harddisk0\DR0:
12:37:45.0791 2596 MBR partitions:
12:37:45.0791 2596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
12:37:45.0791 2596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x44D40000
12:37:45.0823 2596 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x44DA5000, BlocksNum 0x3D30800
12:37:45.0823 2596 ============================================================
12:37:45.0869 2596 C: <-> \Device\Harddisk0\DR0\Partition2
12:37:45.0916 2596 D: <-> \Device\Harddisk0\DR0\Partition3
12:37:45.0916 2596 ============================================================
12:37:45.0916 2596 Initialize success
12:37:45.0916 2596 ============================================================
12:37:49.0957 2324 ============================================================
12:37:49.0957 2324 Scan started
12:37:49.0957 2324 Mode: Manual;
12:37:49.0957 2324 ============================================================
12:37:50.0206 2324 ================ Scan system memory ========================
12:37:50.0206 2324 System memory - ok
12:37:50.0206 2324 ================ Scan services =============================
12:37:50.0409 2324 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
12:37:50.0409 2324 1394ohci - ok
12:37:50.0471 2324 [ 6E9C8B324980AFE454C6F7762E2B4478 ] acedrv07 C:\windows\system32\drivers\acedrv07.sys
12:37:50.0471 2324 acedrv07 - ok
12:37:50.0518 2324 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
12:37:50.0518 2324 ACPI - ok
12:37:50.0581 2324 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
12:37:50.0581 2324 AcpiPmi - ok
12:37:50.0627 2324 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
12:37:50.0627 2324 ACPIVPC - ok
12:37:50.0768 2324 [ 5E1A953C6472E7BB644892A4D0DF5E72 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:37:50.0783 2324 AdobeFlashPlayerUpdateSvc - ok
12:37:50.0846 2324 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
12:37:50.0846 2324 adp94xx - ok
12:37:50.0877 2324 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
12:37:50.0877 2324 adpahci - ok
12:37:50.0908 2324 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
12:37:50.0908 2324 adpu320 - ok
12:37:50.0939 2324 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
12:37:50.0939 2324 AeLookupSvc - ok
12:37:51.0002 2324 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
12:37:51.0017 2324 AFD - ok
12:37:51.0095 2324 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
12:37:51.0095 2324 agp440 - ok
12:37:51.0142 2324 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
12:37:51.0142 2324 ALG - ok
12:37:51.0173 2324 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
12:37:51.0173 2324 aliide - ok
12:37:51.0220 2324 [ 957A387F09BF497002B11BA609460F4C ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
12:37:51.0220 2324 AMD External Events Utility - ok
12:37:51.0267 2324 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
12:37:51.0267 2324 amdide - ok
12:37:51.0314 2324 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
12:37:51.0314 2324 AmdK8 - ok
12:37:51.0454 2324 [ 5A7F53E425BF675AB1B80435DA70F676 ] amdkmdag C:\windows\system32\DRIVERS\atipmdag.sys
12:37:51.0579 2324 amdkmdag - ok
12:37:51.0641 2324 [ D92AC218752B8F7F0A4296FCA417C4CF ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
12:37:51.0641 2324 amdkmdap - ok
12:37:51.0657 2324 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
12:37:51.0657 2324 AmdPPM - ok
12:37:51.0704 2324 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
12:37:51.0704 2324 amdsata - ok
12:37:51.0735 2324 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
12:37:51.0735 2324 amdsbs - ok
12:37:51.0751 2324 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
12:37:51.0751 2324 amdxata - ok
12:37:51.0813 2324 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
12:37:51.0813 2324 AppID - ok
12:37:51.0860 2324 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
12:37:51.0860 2324 AppIDSvc - ok
12:37:51.0891 2324 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
12:37:51.0891 2324 Appinfo - ok
12:37:52.0016 2324 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:37:52.0016 2324 Apple Mobile Device - ok
12:37:52.0047 2324 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
12:37:52.0047 2324 arc - ok
12:37:52.0063 2324 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
12:37:52.0063 2324 arcsas - ok
12:37:52.0109 2324 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
12:37:52.0109 2324 aswFsBlk - ok
12:37:52.0187 2324 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
12:37:52.0187 2324 aswMonFlt - ok
12:37:52.0234 2324 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
12:37:52.0234 2324 aswRdr - ok
12:37:52.0265 2324 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\windows\system32\drivers\aswSnx.sys
12:37:52.0281 2324 aswSnx - ok
12:37:52.0328 2324 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\windows\system32\drivers\aswSP.sys
12:37:52.0328 2324 aswSP - ok
12:37:52.0359 2324 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\windows\system32\drivers\aswTdi.sys
12:37:52.0359 2324 aswTdi - ok
12:37:52.0406 2324 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
12:37:52.0406 2324 AsyncMac - ok
12:37:52.0453 2324 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
12:37:52.0453 2324 atapi - ok
12:37:52.0531 2324 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\windows\system32\DRIVERS\athrx.sys
12:37:52.0562 2324 athr - ok
12:37:52.0593 2324 [ C5B7809742AD1B792BDD075B763B13A3 ] ATIAVPCI C:\windows\system32\DRIVERS\atinavrr.sys
12:37:52.0624 2324 ATIAVPCI - ok
12:37:52.0718 2324 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
12:37:52.0733 2324 AudioEndpointBuilder - ok
12:37:52.0749 2324 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
12:37:52.0765 2324 AudioSrv - ok
12:37:52.0858 2324 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:37:52.0858 2324 avast! Antivirus - ok
12:37:52.0905 2324 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
12:37:52.0921 2324 AxInstSV - ok
12:37:52.0967 2324 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
12:37:52.0967 2324 b06bdrv - ok
12:37:53.0014 2324 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
12:37:53.0014 2324 b57nd60a - ok
12:37:53.0155 2324 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
12:37:53.0155 2324 BBSvc - ok
12:37:53.0217 2324 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
12:37:53.0217 2324 BBUpdate - ok
12:37:53.0279 2324 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
12:37:53.0279 2324 BDESVC - ok
12:37:53.0326 2324 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
12:37:53.0326 2324 Beep - ok
12:37:53.0404 2324 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
12:37:53.0404 2324 BFE - ok
12:37:53.0482 2324 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
12:37:53.0498 2324 BITS - ok
12:37:53.0545 2324 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
12:37:53.0545 2324 blbdrive - ok
12:37:53.0607 2324 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:37:53.0607 2324 Bonjour Service - ok
12:37:53.0669 2324 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
12:37:53.0669 2324 bowser - ok
12:37:53.0701 2324 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
12:37:53.0701 2324 BrFiltLo - ok
12:37:53.0716 2324 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
12:37:53.0716 2324 BrFiltUp - ok
12:37:53.0779 2324 [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0 C:\windows\system32\drivers\WDBridge.sys
12:37:53.0779 2324 Bridge0 - ok
12:37:53.0825 2324 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
12:37:53.0825 2324 Browser - ok
12:37:53.0857 2324 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
12:37:53.0857 2324 Brserid - ok
12:37:53.0888 2324 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
12:37:53.0888 2324 BrSerWdm - ok
12:37:53.0903 2324 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
12:37:53.0903 2324 BrUsbMdm - ok
12:37:53.0919 2324 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
12:37:53.0919 2324 BrUsbSer - ok
12:37:53.0966 2324 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
12:37:53.0966 2324 BthEnum - ok
12:37:53.0997 2324 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
12:37:53.0997 2324 BTHMODEM - ok
12:37:54.0028 2324 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
12:37:54.0028 2324 BthPan - ok
12:37:54.0075 2324 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
12:37:54.0091 2324 BTHPORT - ok
12:37:54.0137 2324 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
12:37:54.0137 2324 bthserv - ok
12:37:54.0169 2324 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
12:37:54.0169 2324 BTHUSB - ok
12:37:54.0200 2324 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\windows\system32\drivers\btusbflt.sys
12:37:54.0200 2324 btusbflt - ok
12:37:54.0247 2324 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\windows\system32\drivers\btwaudio.sys
12:37:54.0247 2324 btwaudio - ok
12:37:54.0293 2324 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
12:37:54.0293 2324 btwavdt - ok
12:37:54.0371 2324 [ A8C22ACBE494D2F92FDB4C7EDD09528C ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
12:37:54.0387 2324 btwdins - ok
12:37:54.0418 2324 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
12:37:54.0418 2324 btwl2cap - ok
12:37:54.0449 2324 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
12:37:54.0449 2324 btwrchid - ok
12:37:54.0496 2324 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
12:37:54.0496 2324 cdfs - ok
12:37:54.0543 2324 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
12:37:54.0543 2324 cdrom - ok
12:37:54.0590 2324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
12:37:54.0590 2324 CertPropSvc - ok
12:37:54.0637 2324 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
12:37:54.0637 2324 circlass - ok
12:37:54.0652 2324 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
12:37:54.0668 2324 CLFS - ok
12:37:54.0761 2324 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:37:54.0761 2324 clr_optimization_v2.0.50727_32 - ok
12:37:54.0793 2324 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:37:54.0793 2324 clr_optimization_v2.0.50727_64 - ok
12:37:54.0886 2324 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:37:54.0886 2324 clr_optimization_v4.0.30319_32 - ok
12:37:54.0949 2324 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:37:54.0949 2324 clr_optimization_v4.0.30319_64 - ok
12:37:54.0980 2324 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
12:37:54.0980 2324 CmBatt - ok
12:37:54.0995 2324 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
12:37:54.0995 2324 cmdide - ok
12:37:55.0042 2324 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
12:37:55.0042 2324 CNG - ok
12:37:55.0105 2324 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
12:37:55.0105 2324 Compbatt - ok
12:37:55.0167 2324 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
12:37:55.0167 2324 CompositeBus - ok
12:37:55.0167 2324 COMSysApp - ok
12:37:55.0214 2324 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
12:37:55.0214 2324 crcdisk - ok
12:37:55.0276 2324 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
12:37:55.0276 2324 CryptSvc - ok
12:37:55.0385 2324 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:37:55.0385 2324 cvhsvc - ok
12:37:55.0495 2324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
12:37:55.0495 2324 DcomLaunch - ok
12:37:55.0557 2324 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
12:37:55.0557 2324 defragsvc - ok
12:37:55.0619 2324 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
12:37:55.0619 2324 DfsC - ok
12:37:55.0666 2324 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
12:37:55.0666 2324 Dhcp - ok
12:37:55.0697 2324 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
12:37:55.0697 2324 discache - ok
12:37:55.0744 2324 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
12:37:55.0744 2324 Disk - ok
12:37:55.0791 2324 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
12:37:55.0791 2324 Dnscache - ok
12:37:55.0838 2324 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
12:37:55.0838 2324 dot3svc - ok
12:37:55.0885 2324 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
12:37:55.0885 2324 DPS - ok
12:37:55.0916 2324 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
12:37:55.0916 2324 drmkaud - ok
12:37:55.0978 2324 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
12:37:55.0994 2324 DXGKrnl - ok
12:37:56.0025 2324 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
12:37:56.0025 2324 EapHost - ok
12:37:56.0087 2324 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
12:37:56.0150 2324 ebdrv - ok
12:37:56.0197 2324 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
12:37:56.0197 2324 EFS - ok
12:37:56.0275 2324 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
12:37:56.0275 2324 ehRecvr - ok
12:37:56.0337 2324 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
12:37:56.0337 2324 ehSched - ok
12:37:56.0368 2324 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
12:37:56.0384 2324 elxstor - ok
12:37:56.0431 2324 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
12:37:56.0431 2324 ErrDev - ok
12:37:56.0524 2324 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
12:37:56.0524 2324 EventSystem - ok
12:37:56.0587 2324 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
12:37:56.0587 2324 exfat - ok
12:37:56.0665 2324 Fabs - ok
12:37:56.0696 2324 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
12:37:56.0696 2324 fastfat - ok
12:37:56.0743 2324 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
12:37:56.0743 2324 Fax - ok
12:37:56.0774 2324 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
12:37:56.0789 2324 fdc - ok
12:37:56.0805 2324 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
12:37:56.0805 2324 fdPHost - ok
12:37:56.0805 2324 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
12:37:56.0821 2324 FDResPub - ok
12:37:56.0836 2324 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
12:37:56.0836 2324 FileInfo - ok
12:37:56.0852 2324 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
12:37:56.0852 2324 Filetrace - ok
12:37:56.0992 2324 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
12:37:57.0055 2324 FirebirdServerMAGIXInstance - ok
12:37:57.0101 2324 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
12:37:57.0101 2324 flpydisk - ok
12:37:57.0179 2324 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
12:37:57.0179 2324 FltMgr - ok
12:37:57.0226 2324 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
12:37:57.0242 2324 FontCache - ok
12:37:57.0289 2324 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:37:57.0289 2324 FontCache3.0.0.0 - ok
12:37:57.0335 2324 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
12:37:57.0335 2324 FsDepends - ok
12:37:57.0382 2324 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
12:37:57.0382 2324 fssfltr - ok
12:37:57.0491 2324 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:37:57.0538 2324 fsssvc - ok
12:37:57.0569 2324 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
12:37:57.0569 2324 Fs_Rec - ok
12:37:57.0616 2324 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
12:37:57.0616 2324 fvevol - ok
12:37:57.0647 2324 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
12:37:57.0663 2324 gagp30kx - ok
12:37:57.0710 2324 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
12:37:57.0710 2324 GEARAspiWDM - ok
12:37:57.0772 2324 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
12:37:57.0772 2324 gpsvc - ok
12:37:57.0928 2324 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:37:57.0928 2324 gupdate - ok
12:37:57.0959 2324 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:37:57.0975 2324 gupdatem - ok
12:37:57.0991 2324 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
12:37:57.0991 2324 hcw85cir - ok
12:37:58.0069 2324 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
12:37:58.0069 2324 HdAudAddService - ok
12:37:58.0131 2324 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
12:37:58.0131 2324 HDAudBus - ok
12:37:58.0147 2324 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
12:37:58.0147 2324 HECIx64 - ok
12:37:58.0178 2324 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
12:37:58.0178 2324 HidBatt - ok
12:37:58.0209 2324 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
12:37:58.0209 2324 HidBth - ok
12:37:58.0271 2324 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
12:37:58.0271 2324 HidIr - ok
12:37:58.0303 2324 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
12:37:58.0303 2324 hidserv - ok
12:37:58.0365 2324 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
12:37:58.0365 2324 HidUsb - ok
12:37:58.0427 2324 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
12:37:58.0427 2324 hkmsvc - ok
12:37:58.0474 2324 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
12:37:58.0474 2324 HomeGroupListener - ok
12:37:58.0521 2324 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
12:37:58.0537 2324 HomeGroupProvider - ok
12:37:58.0583 2324 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
12:37:58.0583 2324 HpSAMD - ok
12:37:58.0646 2324 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
12:37:58.0661 2324 HTTP - ok
12:37:58.0708 2324 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
12:37:58.0708 2324 hwpolicy - ok
12:37:58.0771 2324 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
12:37:58.0771 2324 i8042prt - ok
12:37:58.0802 2324 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
12:37:58.0802 2324 iaStor - ok
12:37:58.0880 2324 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:37:58.0880 2324 IAStorDataMgrSvc - ok
12:37:58.0942 2324 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
12:37:58.0958 2324 iaStorV - ok
12:37:59.0036 2324 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:37:59.0051 2324 idsvc - ok
12:37:59.0176 2324 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
12:37:59.0270 2324 igfx - ok
12:37:59.0348 2324 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
12:37:59.0348 2324 IGRS - ok
12:37:59.0395 2324 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
12:37:59.0395 2324 iirsp - ok
12:37:59.0441 2324 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
12:37:59.0457 2324 IKEEXT - ok
12:37:59.0566 2324 [ 06B774E74F7E2B8AE903A70C45A03D61 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
12:37:59.0613 2324 IntcAzAudAddService - ok
12:37:59.0660 2324 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
12:37:59.0660 2324 intelide - ok
12:37:59.0707 2324 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
12:37:59.0707 2324 intelppm - ok
12:37:59.0738 2324 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
12:37:59.0738 2324 IPBusEnum - ok
12:37:59.0785 2324 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
12:37:59.0785 2324 IpFilterDriver - ok
12:37:59.0847 2324 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
12:37:59.0847 2324 iphlpsvc - ok
12:37:59.0878 2324 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
12:37:59.0894 2324 IPMIDRV - ok
12:37:59.0909 2324 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
12:37:59.0909 2324 IPNAT - ok
12:37:59.0972 2324 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:37:59.0987 2324 iPod Service - ok
12:38:00.0034 2324 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
12:38:00.0034 2324 IRENUM - ok
12:38:00.0050 2324 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
12:38:00.0050 2324 isapnp - ok
12:38:00.0112 2324 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
12:38:00.0112 2324 iScsiPrt - ok
12:38:00.0159 2324 [ 3926C8C55A2CD2C94888BE39B4BEB629 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
12:38:00.0159 2324 JMCR - ok
12:38:00.0175 2324 [ CEE38AB6627CB2F8A97DD7D5A8449944 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys
12:38:00.0175 2324 JmUsbCcgp - ok
12:38:00.0221 2324 [ 6BA6296905D46C003838D1DD05F38DDD ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys
12:38:00.0221 2324 JmUsbVideo - ok
12:38:00.0237 2324 [ 4DCA10EF74CB49D6460F23A34C3593FB ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys
12:38:00.0237 2324 JmUsbVideo2 - ok
12:38:00.0268 2324 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
12:38:00.0268 2324 k57nd60a - ok
12:38:00.0299 2324 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
12:38:00.0299 2324 kbdclass - ok
12:38:00.0346 2324 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
12:38:00.0346 2324 kbdhid - ok
12:38:00.0362 2324 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
12:38:00.0362 2324 KeyIso - ok
12:38:00.0409 2324 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
12:38:00.0409 2324 KSecDD - ok
12:38:00.0424 2324 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
12:38:00.0424 2324 KSecPkg - ok
12:38:00.0455 2324 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
12:38:00.0455 2324 ksthunk - ok
12:38:00.0471 2324 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
12:38:00.0487 2324 KtmRm - ok
12:38:00.0549 2324 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
12:38:00.0549 2324 LanmanServer - ok
12:38:00.0580 2324 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
12:38:00.0580 2324 LanmanWorkstation - ok
12:38:00.0674 2324 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
12:38:00.0689 2324 Lavasoft Ad-Aware Service - ok
12:38:00.0721 2324 [ C8B3131857931AE76798A741CC52B021 ] Lbd C:\windows\system32\DRIVERS\Lbd.sys
12:38:00.0721 2324 Lbd - ok
12:38:00.0767 2324 [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
12:38:00.0783 2324 Lenovo ReadyComm AppSvc - ok
12:38:00.0799 2324 [ 04D9897EAAAE535C4B7DD61574F1A021 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
12:38:00.0799 2324 Lenovo ReadyComm ConnSvc - ok
12:38:00.0830 2324 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
12:38:00.0830 2324 LHDmgr - ok
12:38:00.0877 2324 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
12:38:00.0877 2324 lltdio - ok
12:38:00.0892 2324 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
12:38:00.0908 2324 lltdsvc - ok
12:38:00.0923 2324 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
12:38:00.0923 2324 lmhosts - ok
12:38:00.0986 2324 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:38:00.0986 2324 LMS - ok
12:38:01.0033 2324 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
12:38:01.0033 2324 LSI_FC - ok
12:38:01.0064 2324 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
12:38:01.0064 2324 LSI_SAS - ok
12:38:01.0079 2324 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
12:38:01.0095 2324 LSI_SAS2 - ok
12:38:01.0095 2324 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
12:38:01.0095 2324 LSI_SCSI - ok
12:38:01.0126 2324 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
12:38:01.0126 2324 luafv - ok
12:38:01.0189 2324 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
12:38:01.0189 2324 Mcx2Svc - ok
12:38:01.0220 2324 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
12:38:01.0220 2324 megasas - ok
12:38:01.0235 2324 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
12:38:01.0235 2324 MegaSR - ok
12:38:01.0313 2324 Microsoft SharePoint Workspace Audit Service - ok
12:38:01.0360 2324 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
12:38:01.0360 2324 MMCSS - ok
12:38:01.0391 2324 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
12:38:01.0391 2324 Modem - ok
12:38:01.0407 2324 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
12:38:01.0423 2324 monitor - ok
12:38:01.0469 2324 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
12:38:01.0485 2324 mouclass - ok
12:38:01.0532 2324 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
12:38:01.0532 2324 mouhid - ok
12:38:01.0579 2324 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
12:38:01.0579 2324 mountmgr - ok
12:38:01.0610 2324 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
12:38:01.0610 2324 mpio - ok
12:38:01.0625 2324 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
12:38:01.0625 2324 mpsdrv - ok
12:38:01.0703 2324 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
12:38:01.0719 2324 MpsSvc - ok
12:38:01.0781 2324 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
12:38:01.0781 2324 MRxDAV - ok
12:38:01.0813 2324 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
12:38:01.0813 2324 mrxsmb - ok
12:38:01.0859 2324 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
12:38:01.0859 2324 mrxsmb10 - ok
12:38:01.0906 2324 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
12:38:01.0906 2324 mrxsmb20 - ok
12:38:01.0953 2324 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
12:38:01.0953 2324 msahci - ok
12:38:01.0969 2324 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
12:38:01.0969 2324 msdsm - ok
12:38:02.0000 2324 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
12:38:02.0015 2324 MSDTC - ok
12:38:02.0031 2324 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
12:38:02.0031 2324 Msfs - ok
12:38:02.0047 2324 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
12:38:02.0047 2324 mshidkmdf - ok
12:38:02.0109 2324 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
12:38:02.0109 2324 msisadrv - ok
12:38:02.0171 2324 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
12:38:02.0171 2324 MSiSCSI - ok
12:38:02.0171 2324 msiserver - ok
12:38:02.0218 2324 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
12:38:02.0218 2324 MSKSSRV - ok
12:38:02.0218 2324 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
12:38:02.0218 2324 MSPCLOCK - ok
12:38:02.0218 2324 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
12:38:02.0218 2324 MSPQM - ok
12:38:02.0265 2324 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
12:38:02.0265 2324 MsRPC - ok
12:38:02.0312 2324 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
12:38:02.0312 2324 mssmbios - ok
12:38:02.0343 2324 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
12:38:02.0343 2324 MSTEE - ok
12:38:02.0359 2324 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
12:38:02.0359 2324 MTConfig - ok
12:38:02.0374 2324 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
12:38:02.0374 2324 Mup - ok
12:38:02.0421 2324 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
12:38:02.0421 2324 napagent - ok
12:38:02.0468 2324 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
12:38:02.0483 2324 NativeWifiP - ok
12:38:02.0608 2324 [ 7F79DA9E719D0774BDBC3622ABD3AFD9 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
12:38:02.0624 2324 NAUpdate - ok
12:38:02.0686 2324 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\windows\system32\DRIVERS\NBVol.sys
12:38:02.0686 2324 NBVol - ok
12:38:02.0733 2324 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\windows\system32\DRIVERS\NBVolUp.sys
12:38:02.0733 2324 NBVolUp - ok
12:38:02.0795 2324 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
12:38:02.0795 2324 NDIS - ok
12:38:02.0842 2324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
12:38:02.0842 2324 NdisCap - ok
12:38:02.0873 2324 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
12:38:02.0873 2324 NdisTapi - ok
12:38:02.0920 2324 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
12:38:02.0920 2324 Ndisuio - ok
12:38:02.0951 2324 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
12:38:02.0951 2324 NdisWan - ok
12:38:02.0998 2324 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
12:38:02.0998 2324 NDProxy - ok
12:38:03.0029 2324 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
12:38:03.0029 2324 NetBIOS - ok
12:38:03.0061 2324 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
12:38:03.0076 2324 NetBT - ok
12:38:03.0092 2324 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
12:38:03.0092 2324 Netlogon - ok
12:38:03.0139 2324 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
12:38:03.0139 2324 Netman - ok
12:38:03.0154 2324 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
12:38:03.0154 2324 netprofm - ok
12:38:03.0201 2324 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:38:03.0201 2324 NetTcpPortSharing - ok
12:38:03.0341 2324 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
12:38:03.0435 2324 netw5v64 - ok
12:38:03.0451 2324 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
12:38:03.0466 2324 nfrd960 - ok
12:38:03.0513 2324 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
12:38:03.0513 2324 NlaSvc - ok
12:38:03.0544 2324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
12:38:03.0544 2324 Npfs - ok
12:38:03.0575 2324 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
12:38:03.0575 2324 nsi - ok
12:38:03.0607 2324 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
12:38:03.0607 2324 nsiproxy - ok
12:38:03.0685 2324 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
12:38:03.0716 2324 Ntfs - ok
12:38:03.0747 2324 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
12:38:03.0747 2324 Null - ok
12:38:03.0794 2324 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
12:38:03.0794 2324 nvraid - ok
12:38:03.0825 2324 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
12:38:03.0825 2324 nvstor - ok
12:38:03.0872 2324 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
12:38:03.0872 2324 nv_agp - ok
12:38:03.0919 2324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
12:38:03.0919 2324 ohci1394 - ok
12:38:03.0981 2324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:03.0981 2324 ose - ok
12:38:04.0106 2324 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:38:04.0199 2324 osppsvc - ok
12:38:04.0231 2324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
12:38:04.0246 2324 p2pimsvc - ok
12:38:04.0262 2324 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
12:38:04.0262 2324 p2psvc - ok
12:38:04.0309 2324 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
12:38:04.0309 2324 Parport - ok
12:38:04.0340 2324 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
12:38:04.0340 2324 partmgr - ok
12:38:04.0355 2324 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
12:38:04.0355 2324 PcaSvc - ok
12:38:04.0402 2324 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
12:38:04.0418 2324 pci - ok
12:38:04.0449 2324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
12:38:04.0449 2324 pciide - ok
12:38:04.0480 2324 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
12:38:04.0480 2324 pcmcia - ok
12:38:04.0496 2324 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
12:38:04.0496 2324 pcw - ok
12:38:04.0527 2324 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
12:38:04.0527 2324 PEAUTH - ok
12:38:04.0621 2324 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
12:38:04.0621 2324 PerfHost - ok
12:38:04.0730 2324 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
12:38:04.0761 2324 pla - ok
12:38:04.0839 2324 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
12:38:04.0839 2324 PlugPlay - ok
12:38:04.0855 2324 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
12:38:04.0855 2324 PNRPAutoReg - ok
12:38:04.0886 2324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
12:38:04.0886 2324 PNRPsvc - ok
12:38:04.0933 2324 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
12:38:04.0948 2324 PolicyAgent - ok
12:38:04.0964 2324 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
12:38:04.0964 2324 Power - ok
12:38:05.0011 2324 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
12:38:05.0026 2324 PptpMiniport - ok
12:38:05.0042 2324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
12:38:05.0042 2324 Processor - ok
12:38:05.0104 2324 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
12:38:05.0104 2324 ProfSvc - ok
12:38:05.0104 2324 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
12:38:05.0104 2324 ProtectedStorage - ok
12:38:05.0167 2324 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
12:38:05.0167 2324 Psched - ok
12:38:05.0167 2324 PS_MDP - ok
12:38:05.0213 2324 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
12:38:05.0245 2324 ql2300 - ok
12:38:05.0260 2324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
12:38:05.0260 2324 ql40xx - ok
12:38:05.0276 2324 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
12:38:05.0291 2324 QWAVE - ok
12:38:05.0307 2324 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
12:38:05.0307 2324 QWAVEdrv - ok
12:38:05.0323 2324 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
12:38:05.0323 2324 RasAcd - ok
12:38:05.0354 2324 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
12:38:05.0354 2324 RasAgileVpn - ok
12:38:05.0385 2324 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
12:38:05.0385 2324 RasAuto - ok
12:38:05.0432 2324 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
12:38:05.0432 2324 Rasl2tp - ok
12:38:05.0479 2324 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
12:38:05.0494 2324 RasMan - ok
12:38:05.0510 2324 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
12:38:05.0510 2324 RasPppoe - ok
12:38:05.0557 2324 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
12:38:05.0557 2324 RasSstp - ok
12:38:05.0619 2324 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
12:38:05.0619 2324 rdbss - ok
12:38:05.0635 2324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
12:38:05.0635 2324 rdpbus - ok
12:38:05.0650 2324 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
12:38:05.0650 2324 RDPCDD - ok
12:38:05.0681 2324 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
12:38:05.0681 2324 RDPENCDD - ok
12:38:05.0713 2324 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
12:38:05.0713 2324 RDPREFMP - ok
12:38:05.0759 2324 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
12:38:05.0759 2324 RDPWD - ok
12:38:05.0822 2324 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
12:38:05.0837 2324 rdyboost - ok
12:38:05.0853 2324 ReadyComm.DirectRouter - ok
12:38:05.0869 2324 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
12:38:05.0869 2324 RemoteAccess - ok
12:38:05.0900 2324 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
12:38:05.0915 2324 RemoteRegistry - ok
12:38:05.0978 2324 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
12:38:05.0978 2324 RFCOMM - ok
12:38:06.0025 2324 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
12:38:06.0025 2324 RpcEptMapper - ok
12:38:06.0056 2324 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
12:38:06.0056 2324 RpcLocator - ok
12:38:06.0087 2324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
12:38:06.0103 2324 RpcSs - ok
12:38:06.0134 2324 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
12:38:06.0134 2324 rspndr - ok
12:38:06.0181 2324 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
12:38:06.0181 2324 RTHDMIAzAudService - ok
12:38:06.0196 2324 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
12:38:06.0196 2324 SamSs - ok
12:38:06.0243 2324 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
12:38:06.0243 2324 sbp2port - ok
12:38:06.0274 2324 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
12:38:06.0274 2324 SCardSvr - ok
12:38:06.0305 2324 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
12:38:06.0321 2324 scfilter - ok
12:38:06.0368 2324 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
12:38:06.0383 2324 Schedule - ok
12:38:06.0430 2324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
12:38:06.0430 2324 SCPolicySvc - ok
12:38:06.0493 2324 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys
12:38:06.0493 2324 sdbus - ok
12:38:06.0539 2324 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
12:38:06.0555 2324 SDRSVC - ok
12:38:06.0586 2324 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
12:38:06.0586 2324 secdrv - ok
12:38:06.0633 2324 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
12:38:06.0633 2324 seclogon - ok
12:38:06.0649 2324 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
12:38:06.0649 2324 SENS - ok
12:38:06.0680 2324 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
12:38:06.0680 2324 SensrSvc - ok
12:38:06.0727 2324 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
12:38:06.0727 2324 Serenum - ok
12:38:06.0758 2324 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
12:38:06.0758 2324 Serial - ok
12:38:06.0773 2324 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
12:38:06.0773 2324 sermouse - ok
12:38:06.0820 2324 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
12:38:06.0820 2324 SessionEnv - ok
12:38:06.0851 2324 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
12:38:06.0851 2324 sffdisk - ok
12:38:06.0851 2324 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
12:38:06.0851 2324 sffp_mmc - ok
12:38:06.0867 2324 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
12:38:06.0867 2324 sffp_sd - ok
12:38:06.0929 2324 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
12:38:06.0929 2324 sfloppy - ok
12:38:06.0992 2324 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
12:38:07.0007 2324 Sftfs - ok
12:38:07.0085 2324 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:38:07.0101 2324 sftlist - ok
12:38:07.0117 2324 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
12:38:07.0117 2324 Sftplay - ok
12:38:07.0132 2324 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
12:38:07.0132 2324 Sftredir - ok
12:38:07.0179 2324 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
12:38:07.0179 2324 Sftvol - ok
12:38:07.0179 2324 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:38:07.0179 2324 sftvsa - ok
12:38:07.0226 2324 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
12:38:07.0226 2324 SharedAccess - ok
12:38:07.0273 2324 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
12:38:07.0273 2324 ShellHWDetection - ok
12:38:07.0304 2324 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
12:38:07.0304 2324 SiSRaid2 - ok
12:38:07.0335 2324 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
12:38:07.0335 2324 SiSRaid4 - ok
12:38:07.0429 2324 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:38:07.0429 2324 SkypeUpdate - ok
12:38:07.0491 2324 [ AD2FA5CB9E9EBF668786CCDAE5CFE458 ] Slidebar Notifier Service C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
12:38:07.0507 2324 Slidebar Notifier Service - ok
12:38:07.0538 2324 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
12:38:07.0538 2324 Smb - ok
12:38:07.0569 2324 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
12:38:07.0585 2324 SNMPTRAP - ok
12:38:07.0631 2324 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
12:38:07.0631 2324 spldr - ok
12:38:07.0709 2324 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
12:38:07.0709 2324 Spooler - ok
12:38:07.0819 2324 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
12:38:07.0881 2324 sppsvc - ok
12:38:07.0912 2324 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
12:38:07.0912 2324 sppuinotify - ok
12:38:07.0975 2324 [ B9657A0AFF28C1CB114ACC0CB93EE4BB ] sp_rsdrv2 C:\windows\system32\DRIVERS\stflt.sys
12:38:07.0975 2324 sp_rsdrv2 - ok
12:38:08.0021 2324 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
12:38:08.0021 2324 srv - ok
12:38:08.0084 2324 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
12:38:08.0084 2324 srv2 - ok
12:38:08.0099 2324 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
12:38:08.0099 2324 srvnet - ok
12:38:08.0146 2324 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
12:38:08.0146 2324 SSDPSRV - ok
12:38:08.0162 2324 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
12:38:08.0177 2324 SstpSvc - ok
12:38:08.0255 2324 [ DDD02F9CB4CB29FC1655F199B3432C3D ] ST2012_Svc C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
12:38:08.0287 2324 ST2012_Svc - ok
12:38:08.0318 2324 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
12:38:08.0318 2324 stexstor - ok
12:38:08.0365 2324 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
12:38:08.0380 2324 stisvc - ok
12:38:08.0427 2324 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
12:38:08.0427 2324 swenum - ok
12:38:08.0458 2324 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
12:38:08.0474 2324 swprv - ok
12:38:08.0521 2324 [ C7E556D216CC864E24FFA797B5C1DD14 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
12:38:08.0521 2324 SynTP - ok
12:38:08.0599 2324 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
12:38:08.0630 2324 SysMain - ok
12:38:08.0677 2324 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
12:38:08.0677 2324 TabletInputService - ok
12:38:08.0708 2324 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
12:38:08.0708 2324 TapiSrv - ok
12:38:08.0739 2324 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
12:38:08.0739 2324 TBS - ok
12:38:08.0817 2324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
12:38:08.0848 2324 Tcpip - ok
12:38:08.0926 2324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
12:38:08.0926 2324 TCPIP6 - ok
12:38:08.0973 2324 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
12:38:08.0973 2324 tcpipreg - ok
12:38:09.0051 2324 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
12:38:09.0051 2324 TDPIPE - ok
12:38:09.0098 2324 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
12:38:09.0098 2324 TDTCP - ok
12:38:09.0145 2324 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
12:38:09.0145 2324 tdx - ok
12:38:09.0176 2324 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
12:38:09.0191 2324 TermDD - ok
12:38:09.0223 2324 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
12:38:09.0238 2324 TermService - ok
12:38:09.0269 2324 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
12:38:09.0269 2324 Themes - ok
12:38:09.0301 2324 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
12:38:09.0301 2324 THREADORDER - ok
12:38:09.0332 2324 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
12:38:09.0332 2324 TrkWks - ok
12:38:09.0394 2324 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
12:38:09.0394 2324 TrustedInstaller - ok
12:38:09.0441 2324 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
12:38:09.0441 2324 tssecsrv - ok
12:38:09.0488 2324 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
12:38:09.0488 2324 TsUsbFlt - ok
12:38:09.0581 2324 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
12:38:09.0597 2324 tunnel - ok
12:38:09.0613 2324 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
12:38:09.0613 2324 uagp35 - ok
12:38:09.0659 2324 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
12:38:09.0659 2324 udfs - ok
12:38:09.0691 2324 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
12:38:09.0691 2324 UI0Detect - ok
12:38:09.0784 2324 [ FDB805B2749DACE784BD05125979B478 ] uigxrdr C:\windows\system32\DRIVERS\uigxrdr.sys
12:38:09.0784 2324 uigxrdr - ok
12:38:09.0784 2324 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
12:38:09.0784 2324 uliagpkx - ok
12:38:09.0847 2324 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
12:38:09.0847 2324 umbus - ok
12:38:09.0862 2324 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
12:38:09.0878 2324 UmPass - ok
12:38:10.0003 2324 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:10.0049 2324 UNS - ok
12:38:10.0081 2324 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
12:38:10.0096 2324 upnphost - ok
12:38:10.0143 2324 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
12:38:10.0143 2324 USBAAPL64 - ok
12:38:10.0205 2324 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
12:38:10.0205 2324 usbaudio - ok
12:38:10.0252 2324 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
12:38:10.0252 2324 usbccgp - ok
12:38:10.0299 2324 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
12:38:10.0299 2324 usbcir - ok
12:38:10.0361 2324 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
12:38:10.0361 2324 usbehci - ok
12:38:10.0408 2324 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
12:38:10.0408 2324 usbhub - ok
12:38:10.0455 2324 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
12:38:10.0455 2324 usbohci - ok
12:38:10.0486 2324 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
12:38:10.0486 2324 usbprint - ok
12:38:10.0502 2324 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
12:38:10.0502 2324 USBSTOR - ok
12:38:10.0517 2324 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
12:38:10.0517 2324 usbuhci - ok
12:38:10.0549 2324 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
12:38:10.0564 2324 usbvideo - ok
12:38:10.0595 2324 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
12:38:10.0595 2324 UxSms - ok
12:38:10.0611 2324 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
12:38:10.0611 2324 VaultSvc - ok
12:38:10.0658 2324 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
12:38:10.0658 2324 vdrvroot - ok
12:38:10.0720 2324 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
12:38:10.0720 2324 vds - ok
12:38:10.0767 2324 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
12:38:10.0767 2324 vga - ok
12:38:10.0783 2324 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
12:38:10.0783 2324 VgaSave - ok
12:38:10.0876 2324 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
12:38:10.0876 2324 vhdmp - ok
12:38:10.0923 2324 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
12:38:10.0923 2324 viaide - ok
12:38:10.0939 2324 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
12:38:10.0939 2324 volmgr - ok
12:38:10.0985 2324 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
12:38:10.0985 2324 volmgrx - ok
12:38:11.0001 2324 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
12:38:11.0001 2324 volsnap - ok
12:38:11.0048 2324 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
12:38:11.0048 2324 vsmraid - ok
12:38:11.0141 2324 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
12:38:11.0173 2324 VSS - ok
12:38:11.0188 2324 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
12:38:11.0188 2324 vwifibus - ok
12:38:11.0219 2324 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
12:38:11.0235 2324 vwififlt - ok
12:38:11.0251 2324 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
12:38:11.0251 2324 vwifimp - ok
12:38:11.0282 2324 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
12:38:11.0282 2324 W32Time - ok
12:38:11.0313 2324 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
12:38:11.0313 2324 WacomPen - ok
12:38:11.0375 2324 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
12:38:11.0375 2324 WANARP - ok
12:38:11.0407 2324 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
12:38:11.0407 2324 Wanarpv6 - ok
12:38:11.0469 2324 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
12:38:11.0500 2324 wbengine - ok
12:38:11.0563 2324 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
12:38:11.0563 2324 WbioSrvc - ok
12:38:11.0609 2324 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
12:38:11.0609 2324 wcncsvc - ok
12:38:11.0656 2324 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
12:38:11.0656 2324 WcsPlugInService - ok
12:38:11.0687 2324 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
12:38:11.0687 2324 Wd - ok
12:38:11.0703 2324 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
12:38:11.0719 2324 Wdf01000 - ok
12:38:11.0719 2324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
12:38:11.0734 2324 WdiServiceHost - ok
12:38:11.0734 2324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
12:38:11.0734 2324 WdiSystemHost - ok
12:38:11.0765 2324 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys
12:38:11.0765 2324 wdmirror - ok
12:38:11.0828 2324 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
12:38:11.0828 2324 WebClient - ok
12:38:11.0859 2324 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
12:38:11.0875 2324 Wecsvc - ok
12:38:11.0890 2324 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
12:38:11.0890 2324 wercplsupport - ok
12:38:11.0921 2324 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
12:38:11.0921 2324 WerSvc - ok
12:38:11.0968 2324 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
12:38:11.0968 2324 WfpLwf - ok
12:38:12.0015 2324 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
12:38:12.0015 2324 WimFltr - ok
12:38:12.0031 2324 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
12:38:12.0031 2324 WIMMount - ok
12:38:12.0046 2324 WinDefend - ok
12:38:12.0046 2324 WinHttpAutoProxySvc - ok
12:38:12.0124 2324 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
12:38:12.0124 2324 Winmgmt - ok
12:38:12.0202 2324 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
12:38:12.0249 2324 WinRM - ok
12:38:12.0296 2324 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
12:38:12.0311 2324 WinUsb - ok
12:38:12.0358 2324 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
12:38:12.0358 2324 Wlansvc - ok
12:38:12.0421 2324 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:38:12.0421 2324 wlcrasvc - ok
12:38:12.0514 2324 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:38:12.0561 2324 wlidsvc - ok
12:38:12.0623 2324 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
12:38:12.0623 2324 WmiAcpi - ok
12:38:12.0655 2324 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
12:38:12.0655 2324 wmiApSrv - ok
12:38:12.0686 2324 WMPNetworkSvc - ok
12:38:12.0717 2324 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
12:38:12.0717 2324 WPCSvc - ok
12:38:12.0748 2324 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
12:38:12.0748 2324 WPDBusEnum - ok
12:38:12.0779 2324 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
12:38:12.0779 2324 ws2ifsl - ok
12:38:12.0795 2324 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
12:38:12.0795 2324 wscsvc - ok
12:38:12.0826 2324 WSearch - ok
12:38:12.0842 2324 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
12:38:12.0842 2324 wsvd - ok
12:38:12.0920 2324 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
12:38:12.0951 2324 wuauserv - ok
12:38:12.0967 2324 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
12:38:12.0967 2324 WudfPf - ok
12:38:13.0029 2324 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
12:38:13.0029 2324 WUDFRd - ok
12:38:13.0076 2324 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
12:38:13.0076 2324 wudfsvc - ok
12:38:13.0107 2324 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
12:38:13.0123 2324 WwanSvc - ok
12:38:13.0154 2324 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
12:38:13.0154 2324 xusb21 - ok
12:38:13.0279 2324 [ 74983ADDCA2D9618512C088D856D6615 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl
12:38:13.0279 2324 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
12:38:13.0294 2324 ================ Scan global ===============================
12:38:13.0310 2324 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
12:38:13.0372 2324 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
12:38:13.0372 2324 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
12:38:13.0403 2324 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
12:38:13.0419 2324 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
12:38:13.0419 2324 [Global] - ok
12:38:13.0435 2324 ================ Scan MBR ==================================
12:38:13.0435 2324 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:38:13.0653 2324 \Device\Harddisk0\DR0 - ok
12:38:13.0653 2324 ================ Scan VBR ==================================
12:38:13.0653 2324 [ BE3837824BF4EEB3DCEAEAE5B643EFF8 ] \Device\Harddisk0\DR0\Partition1
12:38:13.0653 2324 \Device\Harddisk0\DR0\Partition1 - ok
12:38:13.0684 2324 [ 88DA574ACCB5E130753789F64863F7D5 ] \Device\Harddisk0\DR0\Partition2
12:38:13.0700 2324 \Device\Harddisk0\DR0\Partition2 - ok
12:38:13.0731 2324 [ 1035C8FAF224E2A7F8A8C418687B65F3 ] \Device\Harddisk0\DR0\Partition3
12:38:13.0731 2324 \Device\Harddisk0\DR0\Partition3 - ok
12:38:13.0731 2324 ============================================================
12:38:13.0731 2324 Scan finished
12:38:13.0731 2324 ============================================================
12:38:13.0747 2648 Detected object count: 0
12:38:13.0747 2648 Actual detected object count: 0

Vielen herzlichen Dank für Deine Mühen !!
Ohne Dich wäre ich verloren !

Servus,

Zitat:

Zitat von guru67 (Beitrag 931287)

1. Schritt - registry cleaner gelöscht (wie löscht man dann all die windows temp Dateien die im Laufe der Zeit so auflaufen ... sind manchmal Gb?)

Dafür gebe ich dir nach der Bereinigung eine Empfehlung. :)

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Servus M-K-D-B !

Ich habe DEinen letzten Beitrag noch nicht ausgeführt. Ich habe einfach nur mal ausprobiert, ob mein Problem noch besteht. Und oh Wunder es ist weg! Ich schreibe gerade von dem infizierten Benuzerkonto. schon komisch, oder ? Ich traue der Sache noch nicht. Soll ich mit dem Combofix einfach wie beschrieben weitermachen?

Danke für Deinen Rat !

Servus,

bitte führe ComboFix wie beschrieben aus.
Danach sehen wir weiter. :)

Combofix Logfile:

Code:

ComboFix 12-10-04.02 - Jan 05.10.2012  16:37:56.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6077.3647 [GMT 2:00]

ausgeführt von:: c:\users\Jan_2\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Watch Live! Virenschutz *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\pmt_0piot.pad

c:\programdata\trz1EB8.tmp

c:\users\Jan_2\Documents\~WRL0005.tmp

c:\users\Jonas\Documents\~WRL0691.tmp

c:\users\Jonas\Documents\~WRL3161.tmp

c:\windows\s.bat

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-09-05 bis 2012-10-05  ))))))))))))))))))))))))))))))

.

.

2012-10-05 14:50 . 2012-10-05 14:50        --------        d-----w-        c:\users\Regina\AppData\Local\temp

2012-10-05 14:50 . 2012-10-05 14:50        --------        d-----w-        c:\users\Jonas\AppData\Local\temp

2012-10-05 14:50 . 2012-10-05 14:50        --------        d-----w-        c:\users\Jan\AppData\Local\temp

2012-10-05 14:50 . 2012-10-05 14:50        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-10-05 14:50 . 2012-10-05 14:50        --------        d-----w-        c:\users\Anna\AppData\Local\temp

2012-10-05 11:32 . 2012-08-30 07:27        9308616        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{C442EDBF-2DAE-45A6-941E-801251AED2FB}\mpengine.dll

2012-10-04 09:02 . 2012-10-04 09:03        --------        d-----w-        c:\users\Gast

2012-10-04 08:27 . 2012-10-04 08:27        --------        d-----w-        c:\users\Jan\AppData\Local\adawarebp

2012-10-04 08:25 . 2012-10-04 08:25        --------        d-----w-        c:\users\Jan\AppData\Roaming\LavasoftStatistics

2012-10-04 08:24 . 2012-10-04 08:24        --------        d-----w-        c:\programdata\blekko toolbars

2012-10-04 08:23 . 2012-10-04 08:24        --------        d-----w-        c:\program files (x86)\adawaretb

2012-10-03 21:20 . 2012-10-03 21:20        --------        d-----w-        c:\users\Jan\AppData\Roaming\Malwarebytes

2012-10-03 21:20 . 2012-10-03 21:20        --------        d-----w-        c:\programdata\Malwarebytes

2012-10-03 21:20 . 2012-10-03 21:20        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2012-10-03 21:20 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-10-03 20:28 . 2012-10-03 20:28        51496        ----a-w-        c:\windows\system32\drivers\stflt.sys

2012-10-03 20:28 . 2012-10-05 14:00        --------        d-----w-        c:\programdata\Spyware Terminator

2012-10-03 20:28 . 2012-10-03 20:28        --------        d-----w-        c:\users\Jan\AppData\Roaming\Spyware Terminator

2012-10-03 20:26 . 2012-10-03 20:28        --------        d-----w-        c:\program files (x86)\Spyware Terminator

2012-10-03 19:37 . 2012-10-04 10:30        --------        d-----w-        c:\programdata\klbufxxvvhtvhnf

2012-09-27 09:33 . 2012-08-21 11:01        33240        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys

2012-09-27 09:32 . 2012-09-27 09:32        --------        d-----w-        c:\program files\iPod

2012-09-27 09:32 . 2012-09-27 09:33        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-27 09:32 . 2012-09-27 09:33        --------        d-----w-        c:\program files\iTunes

2012-09-23 08:52 . 2012-08-24 10:14        816640        ----a-w-        c:\windows\system32\jscript.dll

2012-09-23 08:52 . 2012-08-24 10:12        2144768        ----a-w-        c:\windows\system32\iertutil.dll

2012-09-23 08:52 . 2012-08-24 06:52        387584        ----a-w-        c:\program files (x86)\Internet Explorer\jsdbgui.dll

2012-09-23 08:52 . 2012-08-24 10:25        887296        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll

2012-09-23 08:52 . 2012-08-24 10:24        499200        ----a-w-        c:\program files\Internet Explorer\jsdbgui.dll

2012-09-23 08:52 . 2012-08-24 06:53        678912        ----a-w-        c:\program files (x86)\Internet Explorer\iedvtool.dll

2012-09-23 08:52 . 2012-08-24 11:15        17810944        ----a-w-        c:\windows\system32\mshtml.dll

2012-09-23 08:52 . 2012-08-24 10:39        10925568        ----a-w-        c:\windows\system32\ieframe.dll

2012-09-13 20:40 . 2012-09-13 20:40        9232584        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-09-13 14:49 . 2012-09-13 14:49        --------        d-----w-        c:\program files (x86)\Common Files\Skype

2012-09-12 18:21 . 2012-09-12 18:21        --------        d-----w-        c:\users\Jan_2\AppData\Roaming\GMX

2012-09-12 18:21 . 2012-09-12 18:21        --------        d-----w-        c:\users\Jan_2\AppData\Local\GMX

2012-09-12 09:15 . 2012-08-22 18:12        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2012-09-12 09:15 . 2012-08-22 18:12        376688        ----a-w-        c:\windows\system32\drivers\netio.sys

2012-09-12 09:15 . 2012-08-22 18:12        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-04 08:22 . 2011-02-27 19:15        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2012-10-04 08:22 . 2011-02-27 19:15        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2012-10-04 08:22 . 2011-04-09 05:25        1236816        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-09-21 10:23 . 2011-03-14 06:12        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-09-21 10:23 . 2011-03-14 06:12        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-09-14 14:54 . 2011-02-27 19:15        1236816        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-09-12 18:38 . 2011-03-23 17:33        64462936        ----a-w-        c:\windows\system32\MRT.exe

2012-08-21 11:01 . 2011-03-03 18:35        125872        ----a-w-        c:\windows\system32\GEARAspi64.dll

2012-08-21 11:01 . 2011-03-03 18:35        106928        ----a-w-        c:\windows\SysWow64\GEARAspi.dll

2012-08-21 09:13 . 2011-02-26 14:39        359464        ----a-w-        c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2011-02-26 14:39        59728        ----a-w-        c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2011-02-26 14:39        969200        ----a-w-        c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2012-03-16 20:06        54072        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys

2012-08-21 09:13 . 2011-02-26 14:39        71600        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13 . 2011-02-26 14:39        25232        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:12 . 2011-02-26 14:39        41224        ----a-w-        c:\windows\avastSS.scr

2012-08-21 09:12 . 2011-02-26 14:39        227648        ----a-w-        c:\windows\SysWow64\aswBoot.exe

2012-08-21 09:12 . 2011-02-26 14:39        285328        ----a-w-        c:\windows\system32\aswBoot.exe

2012-07-18 18:15 . 2012-08-15 10:22        3148800        ----a-w-        c:\windows\system32\win32k.sys

2012-07-14 14:47 . 2012-07-14 14:47        466456        ----a-w-        c:\windows\system32\wrap_oal.dll

2012-07-14 14:47 . 2012-07-14 14:47        444952        ----a-w-        c:\windows\SysWow64\wrap_oal.dll

2012-07-14 14:47 . 2012-07-14 14:47        122904        ----a-w-        c:\windows\system32\OpenAL32.dll

2012-07-14 14:47 . 2012-07-14 14:47        109080        ----a-w-        c:\windows\SysWow64\OpenAL32.dll

2012-07-12 09:04 . 2012-07-08 16:29        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-12 09:04 . 2011-05-21 07:03        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-09 11:42 . 2012-07-09 11:42        4547984        ----a-w-        c:\windows\system32\usbaaplrc.dll

2012-07-09 11:42 . 2012-07-09 11:42        52736        ----a-w-        c:\windows\system32\drivers\usbaapl64.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

.

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2012-09-20 20:06        87448        ----a-w-        c:\program files (x86)\adawaretb\adawareDx.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2010-09-28 21:44        1400712        ----a-w-        c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-09-20 87448]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 98304]

"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]

"PlayMovie"="c:\program files (x86)\Lenovo\PlayMovie\PMVService.exe" [2010-01-21 177384]

"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-04-01 778592]

"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]

"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-08-08 540056]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages        REG_MULTI_SZ           kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]

R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]

R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]

R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]

R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]

R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-03-03 69376]

S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]

S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 uigxrdr;uigxrdr;c:\windows\system32\DRIVERS\uigxrdr.sys [2011-11-16 199752]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/08/12 13:15];c:\program files (x86)\Lenovo\PlayMovie\000.fcl [2010-01-21 18:05 146928]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 202752]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-09-23 1737728]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2009-12-30 69568]

S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-10-03 51496]

S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-09-06 1148664]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]

S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-05-05 6366720]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 186880]

S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-03-26 160880]

S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys [2010-02-05 17904]

S3 JmUsbVideo;JMicron 31x Upper Filter Driver;c:\windows\system32\Drivers\jmcam.sys [2010-02-05 56688]

S3 JmUsbVideo2;JMicron 31x Lower Filter Driver;c:\windows\system32\Drivers\jmcam_lo.sys [2010-02-05 31088]

S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-03-03 17152]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

IgrsSvcs        REG_MULTI_SZ           ReadyComm.DirectRouter PS_MDP

<NO NAME>        REG_SZ                 

.

Inhalt des "geplante Tasks" Ordners

.

2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 09:04]

.

2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]

.

2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]

.

2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job

- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

2012-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job

- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job

- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

2012-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job

- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:11        133400        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-23 10775072]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-23 2040352]

"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]

"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]

"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]

"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-06 2777296]

"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-09-06 3673808]

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

uLocal Page = c:\windows\system32\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 192.168.178.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

SafeBoot-mcmscsvc

SafeBoot-MCODS

Toolbar-Locked - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{F6BD6330-76F8-44D9-B775-87614E2D8374} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-SynBtnAsst - c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe

AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files (x86)\Lenovo\PlayMovie\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller\Security]

@DACL=(02 0000)

@SACL=

"Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,

   00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\

.

Zeit der Fertigstellung: 2012-10-05  16:55:15

ComboFix-quarantined-files.txt  2012-10-05 14:55

.

Vor Suchlauf: 9 Verzeichnis(se), 249.774.116.864 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 249.810.206.720 Bytes frei

.

- - End Of File - - 85D2A82D492CFB506D39EDC7C9026141

--- --- ---

Servus,

Schritt 1
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast:

Code:

Lavasoft Ad-Watch Live! Virenschutz

avast! Antivirus

Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Programme deinstallieren.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.

Zitat:

Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."

Schritt 2
Hinweis für Mitleser:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm vom folgenden Download-Spiegel neu herunter:

BleepingComputer.com

und speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK

Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.

Code:

Folder::

c:\programdata\blekko toolbars

c:\programdata\klbufxxvvhtvhnf

C:\Program Files (x86)\Ask.com
 

Registry::

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
 

[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Speichere dies als CFScript.txt auf Deinem Desktop.

Wichtig:

Stelle deine Anti Viren Software temprär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!
Bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein.
Dies kann dazu führen, dass ComboFix sich aufhängt.
Schließe alle laufenden Programme. Gehe sicher das ComboFix ungehindert arbeiten kann.
Mache nichts am PC solange ComboFix läuft.

http://i266.photobucket.com/albums/i.../CFScriptB.gif

In Bezug auf obiges Bild, ziehe CFScript.txt in die ComboFix.exe
Wenn ComboFix fertig ist, wird es ein Log erstellen, C:\ComboFix.txt. Bitte füge es hier als Antwort ein.

Falls im Skript die Anweisung Suspect:: oder Collect:: enthalten ist, wird eine Message-Box erscheinen, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen.

Schritt 3
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Schritt 4
Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.
Poste die OTL.txt und die Extras.txt hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von ComboFix,
die Logdatei von AdwCleaner,
die beiden Logdateien von OTL.

Servus

Habe mich für Avast entschieden.

Combofix Logfile:

Code:

ComboFix 12-10-04.02 - Jan 06.10.2012  11:08:08.3.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6077.4075 [GMT 2:00]

ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe

Benutzte Befehlsschalter :: c:\users\Jan\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Ask.com

c:\program files (x86)\Ask.com\cb_a769.ico

c:\program files (x86)\Ask.com\cobrand.ico

c:\program files (x86)\Ask.com\config.xml

c:\program files (x86)\Ask.com\favicon.ico

c:\program files (x86)\Ask.com\fv_a3b0.ico

c:\program files (x86)\Ask.com\GenericAskToolbar.dll

c:\program files (x86)\Ask.com\mupcfg.xml

c:\program files (x86)\Ask.com\SaUpdate.exe

c:\program files (x86)\Ask.com\UpdateTask.exe

c:\programdata\klbufxxvvhtvhnf

c:\programdata\klbufxxvvhtvhnf\btn-green.png

c:\programdata\klbufxxvvhtvhnf\corners-btn.png

c:\programdata\klbufxxvvhtvhnf\corners1.png

c:\programdata\klbufxxvvhtvhnf\corners2.png

c:\programdata\klbufxxvvhtvhnf\corners3.png

c:\programdata\klbufxxvvhtvhnf\corners4.png

c:\programdata\klbufxxvvhtvhnf\de-flag.png

c:\programdata\klbufxxvvhtvhnf\de-image.png

c:\programdata\klbufxxvvhtvhnf\ie6-7.css

c:\programdata\klbufxxvvhtvhnf\jquery.main.js

c:\programdata\klbufxxvvhtvhnf\McAfee.png

c:\programdata\klbufxxvvhtvhnf\pays-de.png

c:\programdata\klbufxxvvhtvhnf\steps-de.png

c:\programdata\klbufxxvvhtvhnf\steps-en.png

c:\programdata\klbufxxvvhtvhnf\style.css

c:\programdata\klbufxxvvhtvhnf\tabs.png

c:\programdata\klbufxxvvhtvhnf\wait.html

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-09-06 bis 2012-10-06  ))))))))))))))))))))))))))))))

.

.

2012-10-06 09:17 . 2012-10-06 09:17        --------        d-----w-        c:\users\Regina\AppData\Local\temp

2012-10-06 09:17 . 2012-10-06 09:17        --------        d-----w-        c:\users\Jonas\AppData\Local\temp

2012-10-06 09:17 . 2012-10-06 09:17        --------        d-----w-        c:\users\Jan_2\AppData\Local\temp

2012-10-06 09:17 . 2012-10-06 09:17        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-10-06 09:17 . 2012-10-06 09:17        --------        d-----w-        c:\users\Anna\AppData\Local\temp

2012-10-06 08:22 . 2012-10-06 08:22        105        ----a-w-        C:\prefs.js

2012-10-05 14:55 . 2012-10-06 09:17        --------        d-----w-        c:\users\Jan\AppData\Local\temp

2012-10-05 11:32 . 2012-08-30 07:27        9308616        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{C442EDBF-2DAE-45A6-941E-801251AED2FB}\mpengine.dll

2012-10-04 09:02 . 2012-10-04 09:03        --------        d-----w-        c:\users\Gast

2012-10-04 08:27 . 2012-10-04 08:27        --------        d-----w-        c:\users\Jan\AppData\Local\adawarebp

2012-10-04 08:25 . 2012-10-04 08:25        --------        d-----w-        c:\users\Jan\AppData\Roaming\LavasoftStatistics

2012-10-03 21:20 . 2012-10-03 21:20        --------        d-----w-        c:\users\Jan\AppData\Roaming\Malwarebytes

2012-10-03 21:20 . 2012-10-03 21:20        --------        d-----w-        c:\programdata\Malwarebytes

2012-10-03 21:20 . 2012-10-03 21:20        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2012-10-03 21:20 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-10-03 20:28 . 2012-10-03 20:28        51496        ----a-w-        c:\windows\system32\drivers\stflt.sys

2012-09-27 09:33 . 2012-08-21 11:01        33240        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys

2012-09-27 09:32 . 2012-09-27 09:32        --------        d-----w-        c:\program files\iPod

2012-09-27 09:32 . 2012-09-27 09:33        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-27 09:32 . 2012-09-27 09:33        --------        d-----w-        c:\program files\iTunes

2012-09-23 08:52 . 2012-08-24 10:14        816640        ----a-w-        c:\windows\system32\jscript.dll

2012-09-23 08:52 . 2012-08-24 10:12        2144768        ----a-w-        c:\windows\system32\iertutil.dll

2012-09-23 08:52 . 2012-08-24 06:52        387584        ----a-w-        c:\program files (x86)\Internet Explorer\jsdbgui.dll

2012-09-23 08:52 . 2012-08-24 10:25        887296        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll

2012-09-23 08:52 . 2012-08-24 10:24        499200        ----a-w-        c:\program files\Internet Explorer\jsdbgui.dll

2012-09-23 08:52 . 2012-08-24 06:53        678912        ----a-w-        c:\program files (x86)\Internet Explorer\iedvtool.dll

2012-09-23 08:52 . 2012-08-24 11:15        17810944        ----a-w-        c:\windows\system32\mshtml.dll

2012-09-23 08:52 . 2012-08-24 10:39        10925568        ----a-w-        c:\windows\system32\ieframe.dll

2012-09-13 20:40 . 2012-09-13 20:40        9232584        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-09-13 14:49 . 2012-09-13 14:49        --------        d-----w-        c:\program files (x86)\Common Files\Skype

2012-09-12 18:21 . 2012-09-12 18:21        --------        d-----w-        c:\users\Jan_2\AppData\Roaming\GMX

2012-09-12 18:21 . 2012-09-12 18:21        --------        d-----w-        c:\users\Jan_2\AppData\Local\GMX

2012-09-12 09:15 . 2012-08-22 18:12        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2012-09-12 09:15 . 2012-08-22 18:12        376688        ----a-w-        c:\windows\system32\drivers\netio.sys

2012-09-12 09:15 . 2012-08-22 18:12        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-04 08:22 . 2011-02-27 19:15        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2012-10-04 08:22 . 2011-02-27 19:15        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2012-10-04 08:22 . 2011-04-09 05:25        1236816        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-09-21 10:23 . 2011-03-14 06:12        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-09-21 10:23 . 2011-03-14 06:12        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-09-14 14:54 . 2011-02-27 19:15        1236816        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-09-12 18:38 . 2011-03-23 17:33        64462936        ----a-w-        c:\windows\system32\MRT.exe

2012-08-21 11:01 . 2011-03-03 18:35        125872        ----a-w-        c:\windows\system32\GEARAspi64.dll

2012-08-21 11:01 . 2011-03-03 18:35        106928        ----a-w-        c:\windows\SysWow64\GEARAspi.dll

2012-08-21 09:13 . 2011-02-26 14:39        359464        ----a-w-        c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2011-02-26 14:39        59728        ----a-w-        c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2011-02-26 14:39        969200        ----a-w-        c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2012-03-16 20:06        54072        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys

2012-08-21 09:13 . 2011-02-26 14:39        71600        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13 . 2011-02-26 14:39        25232        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:12 . 2011-02-26 14:39        41224        ----a-w-        c:\windows\avastSS.scr

2012-08-21 09:12 . 2011-02-26 14:39        227648        ----a-w-        c:\windows\SysWow64\aswBoot.exe

2012-08-21 09:12 . 2011-02-26 14:39        285328        ----a-w-        c:\windows\system32\aswBoot.exe

2012-07-18 18:15 . 2012-08-15 10:22        3148800        ----a-w-        c:\windows\system32\win32k.sys

2012-07-14 14:47 . 2012-07-14 14:47        466456        ----a-w-        c:\windows\system32\wrap_oal.dll

2012-07-14 14:47 . 2012-07-14 14:47        444952        ----a-w-        c:\windows\SysWow64\wrap_oal.dll

2012-07-14 14:47 . 2012-07-14 14:47        122904        ----a-w-        c:\windows\system32\OpenAL32.dll

2012-07-14 14:47 . 2012-07-14 14:47        109080        ----a-w-        c:\windows\SysWow64\OpenAL32.dll

2012-07-12 09:04 . 2012-07-08 16:29        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-12 09:04 . 2011-05-21 07:03        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-09 11:42 . 2012-07-09 11:42        4547984        ----a-w-        c:\windows\system32\usbaaplrc.dll

2012-07-09 11:42 . 2012-07-09 11:42        52736        ----a-w-        c:\windows\system32\drivers\usbaapl64.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 98304]

"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]

"PlayMovie"="c:\program files (x86)\Lenovo\PlayMovie\PMVService.exe" [2010-01-21 177384]

"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-04-01 778592]

"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]

"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages        REG_MULTI_SZ           kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]

R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]

R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]

R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]

R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]

R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]

R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]

R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]

S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 uigxrdr;uigxrdr;c:\windows\system32\DRIVERS\uigxrdr.sys [2011-11-16 199752]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/08/12 13:15];c:\program files (x86)\Lenovo\PlayMovie\000.fcl [2010-01-21 18:05 146928]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 202752]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]

S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2009-12-30 69568]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]

S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-05-05 6366720]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 186880]

S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-03-26 160880]

S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys [2010-02-05 17904]

S3 JmUsbVideo;JMicron 31x Upper Filter Driver;c:\windows\system32\Drivers\jmcam.sys [2010-02-05 56688]

S3 JmUsbVideo2;JMicron 31x Lower Filter Driver;c:\windows\system32\Drivers\jmcam_lo.sys [2010-02-05 31088]

S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

IgrsSvcs        REG_MULTI_SZ           ReadyComm.DirectRouter PS_MDP

<NO NAME>        REG_SZ                 

.

Inhalt des "geplante Tasks" Ordners

.

2012-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 09:04]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job

- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job

- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job

- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job

- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:11        133400        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-23 10775072]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-23 2040352]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]

"SynBtnAsst"="c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe" [BU]

"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]

"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]

"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]

"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [BU]

"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [BU]

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

uLocal Page = c:\windows\system32\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 192.168.178.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll

Toolbar-Locked - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{F6BD6330-76F8-44D9-B775-87614E2D8374} - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files (x86)\Lenovo\PlayMovie\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller\Security]

@DACL=(02 0000)

@SACL=

"Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,

   00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\

.

Zeit der Fertigstellung: 2012-10-06  11:19:48

ComboFix-quarantined-files.txt  2012-10-06 09:19

ComboFix2.txt  2012-10-06 09:02

ComboFix3.txt  2012-10-05 14:55

.

Vor Suchlauf: 13 Verzeichnis(se), 250.942.205.952 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 250.622.988.288 Bytes frei

.

- - End Of File - - 5D0F8F34B9C9B147D7CF6824E9C99E74

--- --- ---

Servus,

Ok, folge bitte den Schritten 3 und 4 meiner letzten Antwort und poste die Logdateien dazu wie beschrieben. :)

# AdwCleaner v2.003 - Datei am 10/06/2012 um 11:24:42 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Jan - SUPERHIRN
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jan\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Users\Anna\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Gast\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Jan\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Jan\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Jan_2\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Jonas\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Regina\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v22.0.1229.79

Datei : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.41] : keyword = "blekko",

Datei : C:\Users\Jan_2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4266 octets] - [06/10/2012 11:24:42]

########## EOF - C:\AdwCleaner[R1].txt - [4326 octets] ##########

OTL Logfile:

Code:

OTL logfile created on: 06.10.2012 11:26:02 - Run 3

OTL by OldTimer - Version 3.2.70.2     Folder = C:\Users\Jan\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,93 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 66,87% Memory free

11,87 Gb Paging File | 9,92 Gb Available in Paging File | 83,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 550,62 Gb Total Space | 233,51 Gb Free Space | 42,41% Space Free | Partition Type: NTFS

Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS

 

Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe

PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe

PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010.02.04 00:48:12 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe

PRC - [2010.01.24 12:47:46 | 001,021,888 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe

PRC - [2010.01.21 20:05:08 | 000,177,384 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe

PRC - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe

PRC - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe

MOD - [2009.12.19 04:51:18 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll

MOD - [2009.12.19 04:50:38 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2010.05.05 17:25:52 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.07.12 11:04:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)

SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)

SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011.07.22 15:26:40 | 000,690,472 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.12 18:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009.12.30 08:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service)

SRV - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009.11.17 17:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV - [2009.07.16 20:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009.07.15 07:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009.07.15 07:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.11.16 19:18:56 | 000,199,752 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\SysNative\drivers\uigxrdr.SYS -- (uigxrdr)

DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.19 17:02:25 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010.05.05 18:06:04 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)

DRV:64bit: - [2010.05.05 16:31:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010.05.03 13:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.03.26 09:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.02.05 19:20:32 | 000,056,688 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo)

DRV:64bit: - [2010.02.05 18:51:30 | 000,031,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2)

DRV:64bit: - [2010.02.05 17:23:40 | 000,017,904 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)

DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)

DRV:64bit: - [2010.01.15 02:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2010.01.15 02:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2010.01.15 02:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009.12.14 10:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009.11.20 17:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009.11.06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2009.10.16 05:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009.07.16 04:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2008.08.06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2010.01.21 20:05:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/12 13:15:18] [Kernel | Auto | Running] -- C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=FCF7DA51-8231-4B97-B14E-D52AA13A310E&apn_sauid=5901B2D2-58E6-4B6B-A8A1-B9D637A0E3DD

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms}

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

 

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.com/

CHR - default_search_provider: blekko (Enabled)

CHR - default_search_provider: search_url = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms}

CHR - default_search_provider: suggest_url = 

CHR - homepage: hxxp://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll

CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: avast! WebRep = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2012.10.06 11:17:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (no name) - {F6BD6330-76F8-44D9-B775-87614E2D8374} - No CLSID value found.

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found

O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found

O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo)

O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo)

O4 - HKLM..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe (Lenovo)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mia.bt.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Unable to open value key)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06722159-FF20-46B1-A2BD-3AD4D81DC868}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FA392A3-8BFA-441B-86A4-155291E091C8}: DhcpNameServer = 60.2.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.06 11:19:50 | 000,000,000 | ---D | C] -- C:\windows\temp

[2012.10.06 10:41:00 | 004,762,471 | R--- | C] (Swearware) -- C:\Users\Jan\Desktop\ComboFix.exe

[2012.10.05 16:55:17 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\temp

[2012.10.05 16:32:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe

[2012.10.05 16:32:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe

[2012.10.05 16:32:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe

[2012.10.05 16:29:08 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012.10.05 16:28:48 | 000,000,000 | ---D | C] -- C:\windows\erdnt

[2012.10.05 12:29:19 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jan\Desktop\tdsskiller.exe

[2012.10.05 12:28:15 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Jan\Desktop\aswMBR.exe

[2012.10.04 17:02:28 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

[2012.10.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\{D3BD5893-9AC7-48E4-8652-CCEBDD14425B}

[2012.10.04 10:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\adawarebp

[2012.10.04 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LavasoftStatistics

[2012.10.03 23:20:35 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2012.10.03 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.03 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.03 23:20:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2012.10.03 23:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.03 22:28:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.09.27 11:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

[2012.09.27 11:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.09.27 11:33:39 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys

[2012.09.27 11:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2012.09.23 10:53:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2012.09.23 10:53:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2012.09.23 10:53:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll

[2012.09.23 10:53:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll

[2012.09.23 10:53:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe

[2012.09.23 10:53:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe

[2012.09.23 10:53:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll

[2012.09.23 10:53:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll

[2012.09.23 10:53:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl

[2012.09.23 10:53:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl

[2012.09.23 10:53:03 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2012.09.23 10:53:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll

[2012.09.23 10:53:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2012.09.23 10:53:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll

[2012.09.23 10:52:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2012.09.13 22:40:35 | 009,232,584 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe

[2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2012.09.12 11:15:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys

[2012.09.12 11:15:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.06 11:21:38 | 000,513,501 | ---- | M] () -- C:\Users\Jan\Desktop\adwcleaner.exe

[2012.10.06 11:17:10 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts

[2012.10.06 11:13:00 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job

[2012.10.06 10:59:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job

[2012.10.06 10:59:00 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job

[2012.10.06 10:41:10 | 004,762,471 | R--- | M] (Swearware) -- C:\Users\Jan\Desktop\ComboFix.exe

[2012.10.06 10:40:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012.10.06 10:37:00 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.06 10:27:59 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.06 10:27:59 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.06 10:22:13 | 000,000,105 | ---- | M] () -- C:\prefs.js

[2012.10.06 10:19:32 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.10.06 10:19:11 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat

[2012.10.06 10:19:01 | 483,835,903 | -HS- | M] () -- C:\hiberfil.sys

[2012.10.06 10:17:53 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job

[2012.10.06 10:16:14 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat

[2012.10.06 10:16:14 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat

[2012.10.05 12:33:48 | 000,000,512 | ---- | M] () -- C:\Users\Jan\Desktop\MBR.dat

[2012.10.05 12:29:04 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jan\Desktop\tdsskiller.exe

[2012.10.05 12:27:55 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Jan\Desktop\aswMBR.exe

[2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe

[2012.10.04 17:01:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable

[2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Desktop\Defogger.exe

[2012.10.04 10:14:44 | 000,002,478 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk

[2012.10.03 23:20:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.10.03 21:37:44 | 000,076,359 | ---- | M] () -- C:\ProgramData\lllzwmpyjsqgsyt

[2012.10.02 18:26:57 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012.10.02 18:26:57 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2012.10.02 18:26:57 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012.10.02 18:26:57 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2012.10.02 18:26:57 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012.10.01 11:41:58 | 624,797,340 | ---- | M] () -- C:\windows\MEMORY.DMP

[2012.09.27 11:33:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.13 22:40:44 | 009,232,584 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe

[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.10.06 11:21:38 | 000,513,501 | ---- | C] () -- C:\Users\Jan\Desktop\adwcleaner.exe

[2012.10.06 10:22:13 | 000,000,105 | ---- | C] () -- C:\prefs.js

[2012.10.05 16:32:56 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe

[2012.10.05 16:32:56 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe

[2012.10.05 16:32:56 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe

[2012.10.05 16:32:56 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe

[2012.10.05 16:32:56 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe

[2012.10.05 12:33:48 | 000,000,512 | ---- | C] () -- C:\Users\Jan\Desktop\MBR.dat

[2012.10.05 10:46:34 | 000,050,477 | ---- | C] () -- C:\Users\Jan\Desktop\Defogger.exe

[2012.10.04 17:01:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable

[2012.10.03 23:20:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.03 21:37:40 | 000,076,359 | ---- | C] () -- C:\ProgramData\lllzwmpyjsqgsyt

[2012.09.27 11:33:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.23 12:13:50 | 624,797,340 | ---- | C] () -- C:\windows\MEMORY.DMP

[2012.07.15 10:30:32 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg

[2012.07.14 16:49:10 | 000,006,631 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.freeciv-client-rc-2.3

[2012.04.12 09:05:36 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat

[2011.06.24 16:04:23 | 000,000,218 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel

[2011.06.22 18:20:24 | 000,000,200 | ---- | C] () -- C:\Users\Jan\Goya.ini

[2011.06.22 18:19:59 | 000,000,046 | ---- | C] () -- C:\windows\Goya.INI

[2011.06.19 11:40:22 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\AV32UID.DAT

[2011.06.18 23:07:11 | 000,000,000 | ---- | C] () -- C:\windows\MusicMaker.INI

[2011.06.18 21:48:08 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv07.dll

[2011.06.18 21:27:56 | 000,010,240 | ---- | C] () -- C:\windows\SysWow64\vidx16.dll

[2011.06.18 21:25:39 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\mgxasio2.dll

[2011.06.18 21:18:50 | 000,006,537 | ---- | C] () -- C:\windows\mgxoschk.ini

[2011.05.15 19:26:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011.04.20 17:31:59 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat

[2011.04.20 17:31:59 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat

[2011.03.23 22:58:03 | 001,527,912 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2011.03.03 19:51:07 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini

[2011.02.26 15:52:36 | 000,000,783 | ---- | C] () -- C:\ProgramData\profile.xml

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 

< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 06.10.2012 11:26:02 - Run 3

OTL by OldTimer - Version 3.2.70.2     Folder = C:\Users\Jan\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,93 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 66,87% Memory free

11,87 Gb Paging File | 9,92 Gb Available in Paging File | 83,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 550,62 Gb Total Space | 233,51 Gb Free Space | 42,41% Space Free | Partition Type: NTFS

Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS

 

Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Unable to open value key

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Unable to open value key

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Unable to open value key

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Unable to open value key

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Unable to open value key

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Unable to open value key

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06A2CD4C-191D-42EA-BA2A-081754EE1912}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{1B56E26A-B4B4-49DF-8D5C-195429BF46BD}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{278C55FC-930C-4F9D-B6E3-E7E13B7DEEE6}" = rport=137 | protocol=17 | dir=out | app=system | 

"{2E2D2420-E602-4667-AC7F-FCC1C6291925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{3129F9FD-38DD-4CDB-87AD-B4783D12875D}" = rport=138 | protocol=17 | dir=out | app=system | 

"{3938C8DA-8829-48D2-9CB6-81C3D18F35AB}" = lport=137 | protocol=17 | dir=in | app=system | 

"{3993FB93-D958-435F-B2A0-C35F109B4F01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{3AA82262-21BF-458E-80AE-6A8D264A9DDC}" = lport=138 | protocol=17 | dir=in | app=system | 

"{4CD838BB-EE10-4885-BBF7-240D670E8242}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{590D2B42-3033-4C31-A66A-2BDE1474810A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 

"{5C273F80-189E-43BA-AF34-0F4348F75450}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{5E31F651-729A-46C9-BB97-4EF6019D7394}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{6D1977F5-5C72-46A3-A606-C6340DEDC4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{84F86885-C7B5-4E04-91F8-94BB5BCFE897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{854532CF-836C-4100-9281-7A77CCB6D14A}" = lport=445 | protocol=6 | dir=in | app=system | 

"{9327EE23-189C-48ED-85A3-9C9DB1E761F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{A1560F0C-EC8B-40DA-A9A3-05CE38A2F860}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{A57B87DE-8B48-4BB4-ADE2-DFB9060F5183}" = rport=139 | protocol=6 | dir=out | app=system | 

"{A76805BB-2FEE-4A4A-A234-273BF4909ABC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{A91BAE25-F6C0-4A9B-B21D-BB519D7356CC}" = lport=139 | protocol=6 | dir=in | app=system | 

"{B89C10B2-2B0F-4DB8-B001-70A9430BA00A}" = rport=445 | protocol=6 | dir=out | app=system | 

"{C046CBCE-8B18-4C78-B6FD-932243D0E9B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{CB5CA2D1-9276-45AE-9A0E-4BC819D57DBB}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{D3BD9A0E-DB26-47DE-B578-883DF2DDE38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D9032A42-DB3B-4322-AD2C-536034D7F228}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{E08B3DB6-489E-41F6-9740-D2D5299C0821}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{EBA599D9-8F5A-450D-A2D0-DEF68C5EFEF6}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{F8149C99-94F7-460E-A259-75A99AC7AEB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{015CE07C-CCB0-4E36-944A-14DE97EEC01C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{03472033-611F-4767-AE3E-DCC526E80553}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\playmovie.exe | 

"{16AD594F-BF4B-424C-9079-78C0449DDCBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{326370D1-EBF1-440A-977C-A3BDCFD77434}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{3C678971-6775-441B-AD4E-AEAA456A0426}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{41E15F97-3AC3-41F3-A16C-6735EA1FA611}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{49B5C86E-AACF-45F0-B4E6-9C4E45AEE617}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{4EC451FE-F92C-41D9-AAF3-C31E755399D7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{4EDA282F-C97D-43AF-BF8A-0E27155E84F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{524BCCD2-5B31-4DD4-866D-BE81EFBC5F6D}" = dir=in | app=c:\windows\system32\igrssvcs.exe | 

"{55DF5AE8-D02C-4A45-91EA-207374D433FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{5639874F-D477-42A2-92C8-6CB906373A96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{5E2B415C-BC45-440D-AC0F-BD9E60A6CA7E}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"{65A9B5B8-B818-48C1-AD80-FDB0B2FD0C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{65B99C60-96DD-4C30-A6C0-CD62646CB663}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{6648B268-6853-4028-98A5-217158849B24}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{712848A1-5DAD-4C3D-B716-FAC29A491BB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{743D4E2D-94F9-4DFF-A1D3-E613508EB7C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{7566229C-13DC-480A-8D0C-75612CB577FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{78E6A186-9F79-404E-9BB6-C29A93591D3E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{7CC40C5E-75C0-4BDF-9EAE-B4AD3FA1DA39}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{7D4F8BDE-D008-41B6-9D80-A7896F6C9CC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{7D760158-9944-4C32-AE23-88464B4594E5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8330347D-DD07-4EAA-B2E0-2B4DABD42C50}" = dir=out | app=c:\windows\system32\igrssvcs.exe | 

"{86F169F7-5652-443F-88E3-B8384C5A7003}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{88B2B54B-8604-4E85-9621-38804469188E}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{8C41C7A8-8C8A-4BEC-8B3D-F05EB937F1D9}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{8C7D3D97-E73E-4C59-9576-64F659D396A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{92B01DD7-846A-4059-A5ED-B195CA7832ED}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{97AA661E-C2F1-49CF-9878-A946CF973D85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{97FDBA51-C4FE-4463-B2A5-273B85EAA0A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{9C8E10AC-9BE6-43BB-8145-BD7A76721ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{9D4FB561-4C4C-4950-B4AC-2E6CB53BA479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{ABEF77FD-802A-40C6-9305-C053D4EFD129}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{AE9C0479-4301-4A2C-9E57-B40927E1AB0B}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{B3B6AA24-0B74-4DB3-BFFC-D93B1D2B89A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{BA917D03-7EA3-4CFC-9A1A-FFCE3EC0C322}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{BEF600C0-8EF5-4292-993F-EB6958633647}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\pmvservice.exe | 

"{C6472E23-9528-4D20-8396-4349A7C62598}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{CA34795B-1985-4CB4-A848-C916DC83243C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{CC60A25C-B73B-48CB-A912-99D525264568}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{D3175696-A7A9-462A-B5EA-970E896B5BA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{DC81BE8C-BE00-4A3E-A4D5-DC4ADAF608EC}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{E0A1797F-B59D-4FA9-950F-E35863FDE2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E86F62AE-4AB1-4C15-BB7E-3E84A35D2AB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{E92A6133-30B1-47AB-B264-767D30E5CBC4}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | 

"{EC8F43CE-303D-4517-93D1-C0C954FD0629}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{F009F8E5-0B14-43B0-9BB8-97FF822AB6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{F23B3ABC-E5FA-467B-BC96-9A8C14EE2963}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{FA409F6A-DD32-4C27-B433-F26468324CB2}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"{FD902B70-3F0F-4090-ABE3-56845EDDC540}" = protocol=6 | dir=out | app=system | 

"TCP Query User{0CCC8848-D238-4711-8878-E2422C09AC58}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"TCP Query User{17119520-1254-429B-8E93-FB4C2307E95C}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=6 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe | 

"TCP Query User{31EA19B2-2240-4592-87BF-7701081B1873}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"TCP Query User{32212F9C-2A40-465F-A786-41F5C38544FA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"TCP Query User{3604CFB1-D7C8-40A2-993B-B7230BEB47F3}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe | 

"TCP Query User{36212708-32F3-485E-A246-2A7F1283634A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"TCP Query User{5C6DD1B1-2755-44DC-9807-7A9B5752B115}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"TCP Query User{6B2BA6D8-4751-400B-82AD-D4A7B478F32B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"TCP Query User{D41AE055-D140-4567-9956-B780FD980510}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 

"UDP Query User{175BD25B-3E7C-405D-88A1-3AEAAF56CCEB}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"UDP Query User{6C8237C5-088B-49E3-95D5-BAABA1D0245F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 

"UDP Query User{79366E6A-F8B2-4436-9812-D18F6B8904C6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 

"UDP Query User{89A77771-4F8C-418C-99D9-DC0C77EDC526}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe | 

"UDP Query User{A2232FFC-1341-44E2-A9DE-E37AD6997372}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

"UDP Query User{A2BAEE41-242E-4C17-B224-A308BF99E51F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"UDP Query User{C4B0298C-C8F2-4C24-95F2-0DBADDFD0CC3}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=17 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe | 

"UDP Query User{CBEF827F-644D-4C82-974F-4BF1F8EC2E0F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{D20BFE61-B8DA-421D-A143-E851B9C96060}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support

"{793C0787-9638-9FCA-E424-D30FB5E5A752}" = ATI Catalyst Install Manager

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010

"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software

"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C0DD912A-04BB-7012-EDC7-7D550893437E}" = ccc-utility64

"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)

"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)

"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA  (07/16/2009 6.14.10.373)

"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{03AF6BF4-D234-1D9C-ED0F-568354B2A852}" = Catalyst Control Center Core Implementation

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)

"{06FF834F-B3A1-8329-B228-EE357A584D70}" = CCC Help Greek

"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11

"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version

"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management

"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{1226C38C-55A1-FDC4-CF37-2D5681173B34}" = CCC Help Finnish

"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5

"{19B084B8-8B95-9D62-A855-EBD890711489}" = Catalyst Control Center Graphics Light

"{1C98779A-56B1-AB70-0059-E6378B24EA66}" = CCC Help Korean

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{212D3D92-9FCC-EDDA-FFE4-426FE49030C5}" = Catalyst Control Center Graphics Full New

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010

"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver

"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync

"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic

"{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1" = 2weistein

"{330EBB01-9183-F56F-F9C9-CA20DD078234}" = CCC Help Hungarian

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)

"{3B233580-C1A3-B02F-93FC-48AC12905962}" = Catalyst Control Center InstallProxy

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{3F7F9151-03DF-AA1E-6E2A-5FF7887F2FC7}" = CCC Help French

"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11

"{444D37B2-074E-5691-2B45-C02798972D32}" = CCC Help Chinese Traditional

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium

"{4E9DC986-7FC9-36BD-3C72-1B516F4F56C8}" = CCC Help Thai

"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)

"{575B376D-0FDB-6046-4A04-9AD21BA578E4}" = CCC Help Polish

"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)

"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding

"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3

"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{676482CF-ACEC-2EC6-29DE-BE3EB6AD829A}" = CCC Help Italian

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7388E582-8139-0498-7D38-98CE054A5553}" = CCC Help Norwegian

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7865FE7A-60F5-9909-1E82-758B2F7F214B}" = Catalyst Control Center Graphics Previews Vista

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime

"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2

"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11

"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{8708B14E-C6E7-0069-2FCE-80DD0D99E8AF}" = CCC Help Turkish

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{9453ED84-747C-DCB4-03D3-8D6DDB7D37AA}" = CCC Help Chinese Standard

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11

"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1

"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples

"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie

"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11

"{AB47C549-E7D0-0093-2213-CDE2F49ED170}" = CCC Help Portuguese

"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts

"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1

"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)

"{BB7DF440-DD8D-805A-2692-B196282338B9}" = CCC Help Spanish

"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{C01D45AF-5BB5-085E-66BD-809952B65E29}" = CCC Help Czech

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari

"{C818D1A1-0E4E-354D-AD70-7A026585DE80}" = CCC Help Russian

"{CBE7C598-6525-54B3-7BAB-1C0FD28CB58A}" = CCC Help German

"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFE383C3-6877-AD3C-14CC-F6F1EBA3468B}" = CCC Help English

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar

"{DB6F1190-E0EE-4037-2B18-3E60D2D4C68D}" = Catalyst Control Center Graphics Full Existing

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DF24EF87-0BDA-D8E7-71C0-AAAE928317DF}" = CCC Help Dutch

"{DFA154FD-9089-4E90-1236-E2BD6741B256}" = CCC Help Swedish

"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater

"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11

"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic

"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi

"{E8D7B35C-93B1-317E-9403-2BBBA2154ABF}" = Google Talk Plugin

"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)

"{ED731DBB-37A3-54A3-3288-5A8A189BBE93}" = ccc-core-static

"{EDC5A04C-27E3-F9A1-C225-E826890A4CE7}" = CCC Help Japanese

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F18357C8-C4D9-718C-65F4-98227EDF00D9}" = Catalyst Control Center Localization All

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F335B24B-0159-3C5D-DCCE-0E2ECD625166}" = CCC Help Danish

"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples

"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic

"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171

"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)

"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11

"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player

"AllDup_is1" = AllDup 3.3.20

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9

"ASIO4ALL" = ASIO4ALL

"avast" = avast! Free Antivirus

"ElsterFormular 13.2.0.8623p" = ElsterFormular

"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender

"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228

"Freeciv-2.3.1-gtk2" = Freeciv 2.3.1 (GTK+ client)

"GMX Upload-Manager" = GMX Upload-Manager

"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"Karlsson" = Karlsson

"Lenovo SlideNav2" = Lenovo SlideNav

"Lenovo SplitScreen" = Lenovo SplitScreen

"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium

"MAGIX Screenshare D" = MAGIX Screenshare

"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400

"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"OpenAL" = OpenAL

"SopCast" = SopCast 3.3.2

"Unknown Horizons" = Unknown Horizons

"VLC media player" = VLC media player 1.1.7

"WinLiveSuite" = Windows Live Essentials

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 30.09.2012 16:18:08 | Computer Name = superhirn | Source = Application Hang | ID = 1002

Description = Programm hardcopy.exe, Version 2011.7.2.0 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 780    Startzeit: 

01cd9f486b0e9e45    Endzeit: 15    Anwendungspfad: C:\Program Files (x86)\Hardcopy\hardcopy.exe
 

Berichts-ID:

 e5fab153-0b3b-11e2-a821-c80aa9f6e46e  

 

Error - 01.10.2012 16:14:34 | Computer Name = superhirn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,

 Zeitstempel: 0x503723f6  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften

 Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: unknown  Berichtskennung: 9d8e1df8-0c04-11e2-9212-c80aa9f6e46e

 

Error - 01.10.2012 16:14:37 | Computer Name = superhirn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,

 Zeitstempel: 0x503723f6  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,

 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000028  Fehleroffset: 0x0009087d  ID des fehlerhaften

 Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll  Berichtskennung: 9f496906-0c04-11e2-9212-c80aa9f6e46e

 

Error - 03.10.2012 11:38:16 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0

Description = 

 

Error - 03.10.2012 20:15:40 | Computer Name = superhirn | Source = SideBySide | ID = 16842827

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-

 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"

 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

 

Error - 03.10.2012 20:19:25 | Computer Name = superhirn | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\Nero\Nero 11\nero recode\NeroBRServer.exe.Manifest".  Die abhängige Assemblierung

 "ACME,processorArchitecture="x86",type="win32",version="11.0.0.0"" konnte nicht

 gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

 

Error - 03.10.2012 20:20:11 | Computer Name = superhirn | Source = SideBySide | ID = 16842787

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\Nero\Nero 11\nero waveeditor\NMDllHost.exe.Manifest". Fehler in Manifest-

 oder Richtliniendatei "c:\program files (x86)\Nero\Nero 11\nero waveeditor\SMC\SMC.MANIFEST"

 in Zeile  3.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der

 angeforderten Komponente überein.  Verweis: SMC,processorArchitecture="x86",type="win32",version="8.1.0.0".

Definition:

 SMC,processorArchitecture="x86",type="win32",version="8.0.0.0".  Verwenden Sie das

 Programm "sxstrace.exe" für eine detaillierte Diagnose.

 

Error - 04.10.2012 04:07:23 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0

Description = 

 

Error - 04.10.2012 04:25:07 | Computer Name = superhirn | Source = MsiInstaller | ID = 11706

Description = 

 

Error - 05.10.2012 04:39:58 | Computer Name = superhirn | Source = MsiInstaller | ID = 11719

Description = 

 

[ Media Center Events ]

Error - 09.09.2012 17:12:42 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 23:12:42 - Fehler beim Herstellen der Internetverbindung.  23:12:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 17:12:52 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 23:12:47 - Fehler beim Herstellen der Internetverbindung.  23:12:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 18:12:57 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 00:12:57 - Fehler beim Herstellen der Internetverbindung.  00:12:57 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 18:13:07 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 00:13:02 - Fehler beim Herstellen der Internetverbindung.  00:13:02 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 19:13:12 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 01:13:12 - Fehler beim Herstellen der Internetverbindung.  01:13:12 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 09.09.2012 19:13:22 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 01:13:17 - Fehler beim Herstellen der Internetverbindung.  01:13:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 01:35:50 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 07:35:47 - Fehler beim Herstellen der Internetverbindung.  07:35:50 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 02:21:53 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 07:36:01 - Fehler beim Herstellen der Internetverbindung.  07:36:01 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 03:21:41 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 09:21:40 - Fehler beim Herstellen der Internetverbindung.  09:21:41 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 04.10.2012 03:21:59 | Computer Name = superhirn | Source = MCUpdate | ID = 0

Description = 09:21:46 - Fehler beim Herstellen der Internetverbindung.  09:21:46 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 06.10.2012 04:20:12 | Computer Name = superhirn | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Application Virtualization Client" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1053

 

Error - 06.10.2012 04:20:12 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application

 Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet

 wurde:   %%1053

 

Error - 06.10.2012 04:20:46 | Computer Name = superhirn | Source = Service Control Manager | ID = 7026

Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:

   acedrv07

 

Error - 06.10.2012 04:22:53 | Computer Name = superhirn | Source = Service Control Manager | ID = 7000

Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 06.10.2012 04:54:35 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 06.10.2012 04:58:56 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 06.10.2012 05:13:15 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 06.10.2012 05:16:35 | Computer Name = superhirn | Source = Application Popup | ID = 1060

Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys

 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version

 des Treibers zu erhalten.

 

Error - 06.10.2012 05:16:35 | Computer Name = superhirn | Source = Application Popup | ID = 1060

Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys

 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version

 des Treibers zu erhalten.

 

Error - 06.10.2012 05:17:12 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

 

< End of report >

--- --- ---