Seite 1 von 3 123 LetzteLetzte
Ergebnis 1 bis 10 von 23

Thema: Toolbar deinstallieren

  1. #1
    Vielschreiber
    Registriert seit
    14.06.2006
    Beiträge
    326

    Toolbar deinstallieren

    Hallo zusammen,

    nach einem Download bei chip.de hatte ich eine Toolbar (nicht über haken, ggf. in den Nutzungsbedingungen? ...). Könnt ihr mal auf die Logs schauen, ob da nun wieder alles sauber ist? Danke.

    • Hijackthis
      Code:
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 18:03:57, on 01.06.2013
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16483)
      Boot mode: Normal
      
      Running processes:
      C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
      C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
      C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
      C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
      C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      C:\Windows\SysWOW64\rundll32.exe
      C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
      C:\ProgramData\Lenovo\G12\MemMonG12.exe
      C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
      C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
      C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
      C:\Windows\SysWOW64\RunDll32.exe
      C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
      C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
      C:\Users\*ADMIN\Desktop\Security\HijackThis.exe
      C:\Windows\SysWOW64\DllHost.exe
      
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=hp&installDate=01/06/2013
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=userinit.exe
      O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
      O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
      O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
      O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
      O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
      O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
      O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
      O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [MemMonG12] C:\ProgramData\Lenovo\G12\MemMonG12.exe
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [MobileAccess] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe -silentExitIfNotFirst
      O4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
      O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
      O4 - HKUS\S-1-5-21-2472223549-3450205605-2806634343-1001\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Beamer')
      O4 - HKUS\S-1-5-21-2472223549-3450205605-2806634343-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Beamer')
      O4 - Global Startup: Bluetooth.lnk = ?
      O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Free YouTube Download - C:\Users\*ADMIN\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
      O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
      O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
      O16 - DPF: {A6616B31-4860-41E2-98E3-CA7649AF172F} (Launch Control) - file:///D:/launch.ocx
      O17 - HKLM\System\CCS\Services\Tcpip\..\{DD58A476-2D14-416F-ADB0-434DC232BE90}: NameServer = 139.7.30.126 139.7.30.125
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
      O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
      O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: Acronis Nonstop Backup-Dienst (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
      O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
      O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
      O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
      O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
      O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
      O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
      O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
      O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Macheen Service (MacheenService) - Macheen - C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
      O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
      O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
      O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
      O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
      O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
      O23 - Service: Anzeige am Bildschirm (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
      O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
      
      --
      End of file - 19753 bytes
    • hjtscanlist
      Code:
       
                              $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                              º                                    º 
                                          hjtscanlist v2.0              
                              º                                    º 
                              $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
      
      Microsoft Windows [Version 6.1.7601]
       
       
      C:
      
        01.06.2013 17:09     C:\Windows --------- 40960   
             C:\pagefile.sys ---------    
             C:\hiberfil.sys ---------    
        01.06.2013 17:08     C:\Program Files (x86) --------- 28672   
        01.06.2013 17:08     C:\Config.Msi --------- 159744   
        01.06.2013 17:08     C:\AdwCleaner[S4].txt --------- 1244   
        01.06.2013 17:02     C:\JRT --------- 20480   
        01.06.2013 16:05     C:\System Volume Information --------- 20480   
        01.06.2013 15:57     C:\ProgramData --------- 20480   
        01.06.2013 15:33     C:\AdwCleaner[S3].txt --------- 4300   
        01.06.2013 00:59     C:\RHDSetup.log --------- 2986   
        14.03.2013 04:01     C:\Program Files --------- 12288   
        09.03.2013 13:01     C:\ldiag --------- 0   
        10.02.2013 20:01     C:\AdwCleaner[S2].txt --------- 2995   
        10.02.2013 20:01     C:\AdwCleaner[R3].txt --------- 2956   
        10.02.2013 19:59     C:\AdwCleaner[R2].txt --------- 2898   
        10.02.2013 19:52     C:\unzipped --------- 0   
        18.11.2012 23:16     C:\$Recycle.Bin --------- 4096   
        18.11.2012 23:16     C:\Users --------- 4096   
        02.09.2012 23:56     C:\SWTOOLS --------- 4096   
        01.09.2012 20:45     C:\temp --------- 0   
        01.09.2012 20:44     C:\vcredist_x86.log --------- 489748   
        19.08.2012 02:47     C:\DRIVERS --------- 0   
        18.08.2012 17:09     C:\swshare --------- 0   
        18.08.2012 17:00     C:\MSOCache --------- 0   
        18.08.2012 16:53     C:\Programme --------- 0   
        18.08.2012 16:53     C:\Dokumente und Einstellungen --------- 0   
        20.07.2012 04:47     C:\mfg --------- 0   
        19.07.2012 19:13     C:\Intel --------- 0   
        24.02.2011 19:03     C:\BOOTSECT.BAK --------- 8192   
        24.02.2011 19:03     C:\Boot --------- 4096   
        21.11.2010 05:23     C:\bootmgr --------- 383786   
        14.07.2009 07:08     C:\Documents and Settings --------- 0   
        14.07.2009 05:20     C:\PerfLogs --------- 0   
      ----------------------------------------
      
       
      C:\Windows
      
        01.06.2013 17:14     C:\Windows\WindowsUpdate.log --------- 1795084   
        01.06.2013 17:09     C:\Windows\setuperr.log --------- 0   
        01.06.2013 17:09     C:\Windows\setupact.log --------- 56   
        01.06.2013 17:09     C:\Windows\bootstat.dat --------- 67584   
        01.06.2013 11:35     C:\Windows\WebUpdateSvc4.INI --------- 31   
        23.04.2013 06:54     C:\Windows\PWMBTHLV.EXE --------- 2692904   
        19.08.2012 21:54     C:\Windows\lenovo_fastboot.img --------- 629702144   
        18.08.2012 16:53     C:\Windows\firstboot.dat --------- 0   
        19.07.2012 19:18     C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 131072   
        19.07.2012 19:18     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt --------- 28728   
        19.07.2012 12:32     C:\Windows\CSUP.TXT --------- 12   
        11.02.2012 08:36     C:\Windows\splwow64.exe --------- 67072   
        13.12.2011 11:01     C:\Windows\RtlExUpd.dll --------- 1698408   
        08.12.2011 22:56     C:\Windows\explorer.exe --------- 2871808   
        04.11.2011 09:53     C:\Windows\ConnectionProfiles.dat --------- 35404   
        25.03.2011 14:58     C:\Windows\MFGCLEAN.CMD --------- 1271   
        21.11.2010 05:25     C:\Windows\twain_32.dll --------- 51200   
        21.11.2010 05:24     C:\Windows\bfsvc.exe --------- 71168   
        10.11.2010 02:28     C:\Windows\WLXPGSS.SCR --------- 301936   
        14.07.2009 07:09     C:\Windows\win.ini --------- 403   
        14.07.2009 06:54     C:\Windows\WindowsShell.Manifest --------- 749   
        14.07.2009 03:39     C:\Windows\write.exe --------- 10240   
        14.07.2009 03:39     C:\Windows\regedit.exe --------- 427008   
        14.07.2009 03:39     C:\Windows\notepad.exe --------- 193536   
        14.07.2009 03:39     C:\Windows\hh.exe --------- 16896   
        14.07.2009 03:39     C:\Windows\HelpPane.exe --------- 733696   
        14.07.2009 03:39     C:\Windows\fveupdate.exe --------- 15360   
        14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   
        14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   
        14.07.2009 01:06     C:\Windows\mib.bin --------- 43131   
        10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   
        10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   
        10.06.2009 23:08     C:\Windows\system.ini --------- 219   
        10.06.2009 22:52     C:\Windows\WMSysPr9.prx --------- 316640   
        10.06.2009 22:36     C:\Windows\msdfmap.ini --------- 1405   
        10.06.2009 22:31     C:\Windows\Starter.xml --------- 48201   
        10.06.2009 22:30     C:\Windows\PROFESSIONAL.xml --------- 53551   
        10.06.2009 22:30     C:\Windows\HomeBasic.xml --------- 48223   
        20.12.2007 12:11     C:\Windows\MouseWiz.exe --------- 1840968   
        07.03.1999 19:38     C:\Windows\corelpf.lrs --------- 28252   
        10.12.1996 01:06     C:\Windows\iccsigs.dat --------- 39095   
      ----------------------------------------
      
       
      C:\Windows\System
      
      ----------------------------------------
      
       
      C:\Windows\System32
      
       01.06.2013 18:03     C:\Windows\system32\hjtscanlist.txt --------- 5285  
       01.06.2013 17:23     C:\Windows\system32\config --------- 28672  
       01.06.2013 17:17     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 34208  
       01.06.2013 17:17     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 34208  
       01.06.2013 17:14     C:\Windows\system32\perfh009.dat --------- 652148  
       01.06.2013 17:14     C:\Windows\system32\perfc009.dat --------- 121080  
       01.06.2013 17:14     C:\Windows\system32\perfh007.dat --------- 696870  
       01.06.2013 17:14     C:\Windows\system32\perfc007.dat --------- 148134  
       01.06.2013 17:14     C:\Windows\system32\PerfStringBackup.INI --------- 1612484  
       01.06.2013 17:09     C:\Windows\system32\Ikeext.etl --------- 65536  
       01.06.2013 17:00     C:\Windows\system32\catroot --------- 4096  
       01.06.2013 17:00     C:\Windows\system32\DriverStore --------- 4096  
       01.06.2013 15:18     C:\Windows\system32\Tasks --------- 4096  
       01.06.2013 15:18     C:\Windows\system32\drivers --------- 65536  
       01.06.2013 12:07     C:\Windows\system32\catroot2 --------- 12288  
       21.05.2013 18:34     C:\Windows\system32\wdi --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\pt-BR --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\it-IT --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\pt-PT --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\pl-PL --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\ko-KR --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\hu-HU --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\zh-HK --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\el-GR --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\nl-NL --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\fr-FR --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\fi-FI --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\sv-SE --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\tr-TR --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\es-ES --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\zh-TW --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\de-DE --------- 262144  
       18.05.2013 11:06     C:\Windows\system32\cs-CZ --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\zh-CN --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\ja-JP --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\ru-RU --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\nb-NO --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\da-DK --------- 4096  
       18.05.2013 11:06     C:\Windows\system32\en-US --------- 327680  
       18.05.2013 11:01     C:\Windows\system32\WinBioPlugIns --------- 4096  
       17.05.2013 11:05     C:\Windows\system32\FNTCACHE.DAT --------- 2974072  
       17.05.2013 11:04     C:\Windows\system32\migration --------- 4096  
       17.05.2013 08:00     C:\Windows\system32\MRT.exe --------- 75016696  
       05.05.2013 23:36     C:\Windows\system32\mshtml.dll --------- 17818624  
       05.05.2013 23:16     C:\Windows\system32\mshtml.tlb --------- 2382848  
       30.04.2013 22:04     C:\Windows\system32\NDF --------- 4096  
       24.04.2013 01:23     C:\Windows\system32\SynTPCo14.dll --------- 178416  
       23.04.2013 06:54     C:\Windows\system32\PWMCP64V.cpl --------- 2812712  
       10.04.2013 05:30     C:\Windows\system32\win32k.sys --------- 3153920  
       05.04.2013 03:19     C:\Windows\system32\ieframe.dll --------- 10926080  
       05.04.2013 03:08     C:\Windows\system32\jscript9.dll --------- 2312704  
       05.04.2013 03:01     C:\Windows\system32\urlmon.dll --------- 1346560  
       05.04.2013 03:00     C:\Windows\system32\wininet.dll --------- 1392128  
       05.04.2013 02:59     C:\Windows\system32\inetcpl.cpl --------- 1494528  
       05.04.2013 02:58     C:\Windows\system32\url.dll --------- 237056  
       05.04.2013 02:57     C:\Windows\system32\jsproxy.dll --------- 85504  
       05.04.2013 02:56     C:\Windows\system32\ieUnatt.exe --------- 173056  
       05.04.2013 02:55     C:\Windows\system32\jscript.dll --------- 816640  
       05.04.2013 02:55     C:\Windows\system32\vbscript.dll --------- 599040  
       05.04.2013 02:54     C:\Windows\system32\msfeeds.dll --------- 729088  
       05.04.2013 02:54     C:\Windows\system32\iertutil.dll --------- 2147840  
       05.04.2013 02:51     C:\Windows\system32\mshtmled.dll --------- 96768  
       05.04.2013 02:46     C:\Windows\system32\ieui.dll --------- 248320  
       19.03.2013 08:04     C:\Windows\system32\ntoskrnl.exe --------- 5550424  
       19.03.2013 07:53     C:\Windows\system32\wwansvc.dll --------- 230400  
       19.03.2013 07:53     C:\Windows\system32\wwanprotdim.dll --------- 48640  
       19.03.2013 07:46     C:\Windows\system32\csrsrv.dll --------- 43520  
       19.03.2013 05:06     C:\Windows\system32\smss.exe --------- 112640  
       09.03.2013 19:28     C:\Windows\system32\DRVSTORE --------- 4096  
       04.03.2013 19:56     C:\Windows\system32\wfp --------- 0  
       04.03.2013 19:56     C:\Windows\system32\WLANProfiles --------- 0  
       04.03.2013 19:56     C:\Windows\system32\wbem --------- 65536  
       04.03.2013 19:53     C:\Windows\system32\LogFiles --------- 4096  
       27.02.2013 14:12     C:\Windows\system32\tccoinst.dll --------- 20440  
       27.02.2013 08:02     C:\Windows\system32\consent.exe --------- 111448  
       27.02.2013 07:52     C:\Windows\system32\shell32.dll --------- 14172672  
       27.02.2013 07:52     C:\Windows\system32\shdocvw.dll --------- 197120  
       27.02.2013 07:48     C:\Windows\system32\authui.dll --------- 1930752  
       27.02.2013 07:47     C:\Windows\system32\appinfo.dll --------- 70144  
       25.02.2013 23:26     C:\Windows\system32\SynTPAPI.dll --------- 229616  
       25.02.2013 23:26     C:\Windows\system32\SynTPCo16.dll --------- 180464  
       25.02.2013 23:25     C:\Windows\system32\SynCOM.dll --------- 1038064  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.pl-PL.resources --------- 142423  
       19.02.2013 20:35     C:\Windows\system32\OpenCL.dll --------- 56832  
       19.02.2013 20:35     C:\Windows\system32\igfxcmrt64.dll --------- 501760  
       19.02.2013 20:35     C:\Windows\system32\igdbcl64.dll --------- 3582976  
       19.02.2013 20:35     C:\Windows\system32\Intel_OpenCL_ICD64.dll --------- 56832  
       19.02.2013 20:35     C:\Windows\system32\igdrcl64.dll --------- 27662848  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.sl-SI.resources --------- 137621  
       19.02.2013 20:35     C:\Windows\system32\igfxext.exe --------- 251712  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.fr-FR.resources --------- 145211  
       19.02.2013 20:35     C:\Windows\system32\igfx11cmrt64.dll --------- 482304  
       19.02.2013 20:35     C:\Windows\system32\igfxcmjit64.dll --------- 4571136  
       19.02.2013 20:35     C:\Windows\system32\igfxress.dll --------- 9007616  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.th-TH.resources --------- 223233  
       19.02.2013 20:35     C:\Windows\system32\difx64.exe --------- 184640  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.de-DE.resources --------- 147101  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.nl-NL.resources --------- 143730  
       19.02.2013 20:35     C:\Windows\system32\igfxrhun.lrc --------- 438272  
       19.02.2013 20:35     C:\Windows\system32\Gfxres.da-DK.resources --------- 136873  
      ----------------------------------------
      
       
      C:\Windows\Prefetch
      
       01.06.2013 18:03     C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf --------- 17644  
       01.06.2013 18:02     C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf --------- 80258  
       01.06.2013 18:01     C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 105704  
       01.06.2013 18:00     C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf --------- 301288  
       01.06.2013 18:00     C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf --------- 16518  
       01.06.2013 17:59     C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf --------- 79222  
       01.06.2013 17:59     C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 109708  
       01.06.2013 17:59     C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 17234  
       01.06.2013 17:59     C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 14428  
       01.06.2013 17:58     C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf --------- 157600  
       01.06.2013 17:58     C:\Windows\Prefetch\ACWIN7HLPR.EXE-495ECAC8.pf --------- 108100  
       01.06.2013 17:58     C:\Windows\Prefetch\ACHELPER64.EXE-A37050C3.pf --------- 33426  
       01.06.2013 17:57     C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf --------- 68440  
       01.06.2013 17:57     C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf --------- 71354  
       01.06.2013 17:55     C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf --------- 122698  
       01.06.2013 17:31     C:\Windows\Prefetch\UPDATE.EXE-0D8A637E.pf --------- 162540  
       01.06.2013 17:31     C:\Windows\Prefetch\UPDRGUI.EXE-D0FBFF97.pf --------- 30104  
       01.06.2013 17:31     C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf --------- 291338  
       01.06.2013 17:31     C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf --------- 26258  
       01.06.2013 17:26     C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf --------- 140432  
       01.06.2013 17:26     C:\Windows\Prefetch\SVCGUIHLPR.EXE-DA3E81E8.pf --------- 42360  
       01.06.2013 17:25     C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf --------- 50524  
       01.06.2013 17:23     C:\Windows\Prefetch\RUNDLL32.EXE-A3E35360.pf --------- 72148  
       01.06.2013 17:23     C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 13358  
       01.06.2013 17:20     C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf --------- 18138  
       01.06.2013 17:20     C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 31194  
       01.06.2013 17:20     C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf --------- 60886  
       01.06.2013 17:20     C:\Windows\Prefetch\LSCSERVICE32.EXE-A243B387.pf --------- 104608  
       01.06.2013 17:20     C:\Windows\Prefetch\CSC.EXE-BE9AC2DF.pf --------- 47840  
       01.06.2013 17:20     C:\Windows\Prefetch\CVTRES.EXE-2B9D810D.pf --------- 14222  
       01.06.2013 17:20     C:\Windows\Prefetch\LSC.EXE-71F82078.pf --------- 108860  
       01.06.2013 17:20     C:\Windows\Prefetch\LSCSERVICE.EXE-376091C6.pf --------- 71010  
       01.06.2013 17:20     C:\Windows\Prefetch\FP_SMBIOS.EXE-3D3F24E1.pf --------- 19716  
       01.06.2013 17:20     C:\Windows\Prefetch\VERIFYFRAMEWORK.EXE-04F23DDE.pf --------- 10254  
       01.06.2013 17:18     C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf --------- 544154  
       01.06.2013 17:14     C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 24534  
       01.06.2013 17:12     C:\Windows\Prefetch\VIPAPPSERVICE.EXE-D24F84DE.pf --------- 15546  
       01.06.2013 17:12     C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf --------- 36914  
       01.06.2013 17:12     C:\Windows\Prefetch\NWSAPAUTOWORKSTATIONUPDATESER-DAF68ACF.pf --------- 30290  
       01.06.2013 17:12     C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-73BE9E78.pf --------- 65850  
       01.06.2013 17:12     C:\Windows\Prefetch\UNS.EXE-E6E49771.pf --------- 56950  
       01.06.2013 17:12     C:\Windows\Prefetch\LMS.EXE-8C70F87D.pf --------- 19940  
       01.06.2013 17:12     C:\Windows\Prefetch\PRIVACYICONCLIENT.EXE-65AC0F3F.pf --------- 267852  
       01.06.2013 17:12     C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf --------- 18898  
       01.06.2013 17:12     C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf --------- 13556  
       01.06.2013 17:12     C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf --------- 18096  
       01.06.2013 17:12     C:\Windows\Prefetch\ReadyBoot --------- 4096  
       01.06.2013 17:11     C:\Windows\Prefetch\IPMGUI.EXE-F9CAB886.pf --------- 60810  
       01.06.2013 17:11     C:\Windows\Prefetch\IGFXEXT.EXE-D5F523DB.pf --------- 40498  
       01.06.2013 17:11     C:\Windows\Prefetch\RUNDLL32.EXE-4D876747.pf --------- 22004  
       01.06.2013 17:11     C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2882307  
       01.06.2013 17:11     C:\Windows\Prefetch\AgGlFaultHistory.db --------- 803980  
       01.06.2013 17:11     C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 5335422  
       01.06.2013 17:11     C:\Windows\Prefetch\AgRobust.db --------- 290944  
       01.06.2013 17:11     C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584  
       01.06.2013 17:08     C:\Windows\Prefetch\NCLMSBTSRVEX.EXE-E88FCECF.pf --------- 19730  
       01.06.2013 17:07     C:\Windows\Prefetch\RUNDLL32.EXE-87432CEE.pf --------- 31508  
       01.06.2013 17:07     C:\Windows\Prefetch\AVCENTER.EXE-FD66D2A7.pf --------- 115928  
       01.06.2013 17:05     C:\Windows\Prefetch\SC.EXE-1CF1DE92.pf --------- 10434  
       01.06.2013 16:41     C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf --------- 22262  
       01.06.2013 16:14     C:\Windows\Prefetch\ACROBAT.EXE-85353ACD.pf --------- 183956  
       01.06.2013 16:07     C:\Windows\Prefetch\MESSAGECENTERPLUS.EXE-B8623F48.pf --------- 23882  
       01.06.2013 15:56     C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf --------- 379318  
       01.06.2013 15:53     C:\Windows\Prefetch\CLHNSERVICEFORPOWERDVD12.EXE-A7F58E23.pf --------- 263180  
       01.06.2013 15:52     C:\Windows\Prefetch\SMBHLPR.EXE-B2C8BDF5.pf --------- 31178  
       01.06.2013 15:52     C:\Windows\Prefetch\VIRTSCRL.EXE-3A8FAAD3.pf --------- 21208  
       01.06.2013 15:52     C:\Windows\Prefetch\ACTBENABLER.EXE-3E5E93A4.pf --------- 11794  
       01.06.2013 15:52     C:\Windows\Prefetch\RUNDLL32.EXE-C0FFADC8.pf --------- 43244  
       01.06.2013 15:52     C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf --------- 11352  
       01.06.2013 15:52     C:\Windows\Prefetch\EFSUI.EXE-92E32A3C.pf --------- 20964  
       01.06.2013 15:52     C:\Windows\Prefetch\MPNOTIFY.EXE-83D4091E.pf --------- 9424  
       01.06.2013 15:37     C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf --------- 142468  
       01.06.2013 15:37     C:\Windows\Prefetch\NCLINSTALLER64.EXE-BABBDE05.pf --------- 32154  
       01.06.2013 15:37     C:\Windows\Prefetch\SCHTASK.EXE-7A446FE0.pf --------- 105726  
       01.06.2013 15:37     C:\Windows\Prefetch\RUNDLL32.EXE-9C55A9A3.pf --------- 18328  
       01.06.2013 15:37     C:\Windows\Prefetch\READER_SL.EXE-38C1D083.pf --------- 24538  
       01.06.2013 15:37     C:\Windows\Prefetch\PWMDBSVC.EXE-8611775E.pf --------- 44350  
       01.06.2013 15:37     C:\Windows\Prefetch\ACFNF5.EXE-38A555D4.pf --------- 42776  
       01.06.2013 15:37     C:\Windows\Prefetch\PCEE4.EXE-9BE09898.pf --------- 42860  
       01.06.2013 15:36     C:\Windows\Prefetch\RUNDLL32.EXE-5032A03B.pf --------- 17128  
       01.06.2013 15:36     C:\Windows\Prefetch\FMAPP.EXE-A7C5C8ED.pf --------- 8276  
       01.06.2013 15:36     C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf --------- 235344  
       01.06.2013 14:50     C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf --------- 92792  
       01.06.2013 14:34     C:\Windows\Prefetch\THUNDERBIRD.EXE-A0DA674F.pf --------- 231852  
       01.06.2013 14:19     C:\Windows\Prefetch\OSPPSVC.EXE-E53D3CC0.pf --------- 44866  
       01.06.2013 13:26     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2472223549-3450205605-2806634343-1000.db --------- 1200177  
       01.06.2013 13:26     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2472223549-3450205605-2806634343-1000.db --------- 3171628  
       01.06.2013 12:40     C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_7_700_20-5B0FD894.pf --------- 66006  
       01.06.2013 12:40     C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf --------- 358942  
       01.06.2013 12:39     C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf --------- 62912  
       01.06.2013 12:39     C:\Windows\Prefetch\RUNDLL32.EXE-FF7D6E17.pf --------- 44510  
       01.06.2013 12:39     C:\Windows\Prefetch\TPSHOCKS.EXE-A042C03B.pf --------- 17088  
       01.06.2013 12:39     C:\Windows\Prefetch\TPKNRRES.EXE-31391EC7.pf --------- 34816  
       01.06.2013 12:38     C:\Windows\Prefetch\AgCx_SC4.db --------- 344575  
       01.06.2013 12:36     C:\Windows\Prefetch\BTSTACKSERVER.EXE-1AC2744D.pf --------- 179560  
       01.06.2013 12:35     C:\Windows\Prefetch\PELMICED.EXE-CFE00207.pf --------- 18706  
       01.06.2013 12:35     C:\Windows\Prefetch\TPNUMLK.EXE-99D62B2F.pf --------- 25482  
       01.06.2013 12:35     C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf --------- 96688  
       01.06.2013 12:15     C:\Windows\Prefetch\SERVICELAYER.EXE-E41856E2.pf --------- 78090  
       01.06.2013 12:14     C:\Windows\Prefetch\STARTER4G.EXE-5DE902E2.pf --------- 18786  
       01.06.2013 12:10     C:\Windows\Prefetch\TPNUMLKD.EXE-A66F752B.pf --------- 158896  
       01.06.2013 12:10     C:\Windows\Prefetch\IWRAP.EXE-20582B89.pf --------- 50940  
       01.06.2013 12:07     C:\Windows\Prefetch\RAVBG64.EXE-44375395.pf --------- 93518  
       01.06.2013 12:07     C:\Windows\Prefetch\RAVCPL64.EXE-D6B4B613.pf --------- 36192  
       01.06.2013 12:02     C:\Windows\Prefetch\ADCTL.EXE-2E90854C.pf --------- 23030  
       01.06.2013 11:59     C:\Windows\Prefetch\TRAYCTRLNOTIFY.EXE-64751DE0.pf --------- 24168  
       01.06.2013 11:59     C:\Windows\Prefetch\FSRREMOS.EXE-3CB02EDD.pf --------- 23522  
       01.06.2013 11:59     C:\Windows\Prefetch\ICO.EXE-2EB5A5F7.pf --------- 11854  
       01.06.2013 11:59     C:\Windows\Prefetch\SCHEDHLP.EXE-D0E56EB2.pf --------- 17202  
       01.06.2013 11:56     C:\Windows\Prefetch\SYNTPENH.EXE-E6DC1353.pf --------- 54160  
       01.06.2013 11:41     C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 338276  
       01.06.2013 11:32     C:\Windows\Prefetch\AgCx_SC1.db --------- 738924  
       01.06.2013 11:31     C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 395800  
       01.06.2013 11:31     C:\Windows\Prefetch\AVSCAN.EXE-EDA6668B.pf --------- 199562  
       01.06.2013 00:29     C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf --------- 26648  
       01.06.2013 00:25     C:\Windows\Prefetch\NCLRSSRV.EXE-9FA9AAC1.pf --------- 46814  
       01.06.2013 00:25     C:\Windows\Prefetch\NCLUSBSRV64.EXE-45E879E4.pf --------- 14748  
       31.05.2013 22:16     C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf --------- 16992  
       31.05.2013 22:16     C:\Windows\Prefetch\AgCx_SC2.db --------- 991774  
       31.05.2013 17:02     C:\Windows\Prefetch\AVNOTIFY.EXE-377AF47F.pf --------- 187704  
       31.05.2013 13:35     C:\Windows\Prefetch\IGFXPERS.EXE-254DBA08.pf --------- 31880  
       31.05.2013 13:35     C:\Windows\Prefetch\TPONSCR.EXE-8F0D2CD5.pf --------- 25990  
       31.05.2013 12:45     C:\Windows\Prefetch\FIXMAPI.EXE-0C83F412.pf --------- 18722  
       31.05.2013 12:44     C:\Windows\Prefetch\EXCEL.EXE-A3633949.pf --------- 162028  
       31.05.2013 11:15     C:\Windows\Prefetch\OSE.EXE-2B23CA4C.pf --------- 12946  
       31.05.2013 11:13     C:\Windows\Prefetch\ADOBE AIR INSTALLER.EXE-AEE39887.pf --------- 67598  
       31.05.2013 11:07     C:\Windows\Prefetch\UPDATER-C2DA76F4.pf --------- 94406  
       31.05.2013 11:06     C:\Windows\Prefetch\ADOBE AIR UPDATER.EXE-EF9530F3.pf --------- 101860  
       30.05.2013 20:56     C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf --------- 17576  
       30.05.2013 20:56     C:\Windows\Prefetch\Layout.ini --------- 1218222  
       30.05.2013 20:32     C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf --------- 142854  
       30.05.2013 18:17     C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf --------- 243018  
       30.05.2013 16:00     C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf --------- 4072  
       30.05.2013 12:31     C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf --------- 9260  
       28.05.2013 21:27     C:\Windows\Prefetch\SYNTPLPR.EXE-FA172972.pf --------- 14060  
       28.05.2013 10:20     C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf --------- 127348  
       27.05.2013 23:19     C:\Windows\Prefetch\PWRACT.EXE-BC373465.pf --------- 19772  
       27.05.2013 23:18     C:\Windows\Prefetch\SC.EXE-945D79AE.pf --------- 6866  
       27.05.2013 23:10     C:\Windows\Prefetch\BTTRAY.EXE-0B1E41FC.pf --------- 29466  
       27.05.2013 23:10     C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 2440834  
       26.05.2013 15:45     C:\Windows\Prefetch\RUNDLL32.EXE-E52411D5.pf --------- 38472  
       25.05.2013 20:30     C:\Windows\Prefetch\AgCx_SC3_EC44082E5032062D.db --------- 614558  
       25.05.2013 20:01     C:\Windows\Prefetch\MSGCHECK.EXE-7279B079.pf --------- 90428  
       25.05.2013 17:00     C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2472223549-3450205605-2806634343-1000.snp.db --------- 4390930  
       14.05.2013 17:45     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2472223549-3450205605-2806634343-1001.db --------- 772956  
       14.05.2013 17:45     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2472223549-3450205605-2806634343-1001.db --------- 1326366  
       13.05.2013 22:58     C:\Windows\Prefetch\AgCx_SC3_378E9CA7DA27ABDB.db --------- 824558  
       13.05.2013 22:17     C:\Windows\Prefetch\AgCx_S2_S-1-5-21-2472223549-3450205605-2806634343-1001.snp.db --------- 6475287  
       08.05.2013 21:26     C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2472223549-3450205605-2806634343-1001.snp.db --------- 3579215  
       06.05.2013 18:59     C:\Windows\Prefetch\AgCx_S2_S-1-5-21-2472223549-3450205605-2806634343-1000.snp.db --------- 5229900  
       22.11.2012 16:25     C:\Windows\Prefetch\AgCx_S3_S-1-5-21-2472223549-3450205605-2806634343-1001.snp.db --------- 5160159  
       18.08.2012 23:46     C:\Windows\Prefetch\AgAppLaunch.db --------- 334168  
      ----------------------------------------
      
       
      C:\Windows\Tasks
      
       01.06.2013 17:31     C:\Windows\Tasks\Adobe Flash Player Updater.job --------- 884  
       01.06.2013 17:09     C:\Windows\Tasks\SA.DAT --------- 6  
       07.04.2013 23:47     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32640  
      ----------------------------------------
      
       
      C:\Windows\Temp
      
       01.06.2013 17:11     C:\Windows\Temp\lpksetup-20130601-171040-0.log --------- 2682  
       01.06.2013 15:51     C:\Windows\Temp\lpksetup-20130601-155129-0.log --------- 2682  
       01.06.2013 15:36     C:\Windows\Temp\lpksetup-20130601-153624-0.log --------- 2682  
       01.06.2013 12:38     C:\Windows\Temp\lpksetup-20130601-123822-0.log --------- 2674  
       01.06.2013 12:13     C:\Windows\Temp\lpksetup-20130601-121352-0.log --------- 2682  
       01.06.2013 12:10     C:\Windows\Temp\lpksetup-20130601-120952-0.log --------- 2682  
       01.06.2013 11:59     C:\Windows\Temp\lpksetup-20130601-115907-0.log --------- 2682  
       01.06.2013 11:36     C:\Windows\Temp\{E1358ABB-B4AC-49FF-B1F3-6569D0F16204} --------- 4096  
       01.06.2013 11:35     C:\Windows\Temp\FXSAPIDebugLogFile.txt --------- 0  
       01.06.2013 11:35     C:\Windows\Temp\FXSTIFFDebugLogFile.txt --------- 0  
       01.06.2013 01:21     C:\Windows\Temp\lpksetup-20130601-012114-0.log --------- 2682  
       23.01.2013 11:54     C:\Windows\Temp\CLDigitalHome --------- 0  
      ----------------------------------------
      
       
      C:\Users\***AD~1\AppData\Local\Temp
      
       01.06.2013 18:03     C:\Users\***AD~1\AppData\Local\Temp\DalMeasurementFile2.log --------- 148708  
       01.06.2013 17:59     C:\Users\***AD~1\AppData\Local\Temp\{18aea4d1-109e-4bef-970b-65cb2a51ea35} --------- 0  
       01.06.2013 17:12     C:\Users\***AD~1\AppData\Local\Temp\AdobeARM.log --------- 14348  
       01.06.2013 17:10     C:\Users\***AD~1\AppData\Local\Temp\WPDNSE --------- 0  
       01.06.2013 17:10     C:\Users\***AD~1\AppData\Local\Temp\bgciu.bmp --------- 921654  
       01.06.2013 17:06     C:\Users\***AD~1\AppData\Local\Temp\JRT.txt --------- 629  
       01.06.2013 17:02     C:\Users\***AD~1\AppData\Local\Temp\HOSTS.txt --------- 51700  
       01.06.2013 17:02     C:\Users\***AD~1\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe --------- 285455  
       01.06.2013 17:00     C:\Users\***AD~1\AppData\Local\Temp\Uninstaller.exe --------- 906704  
       01.06.2013 16:45     C:\Users\***AD~1\AppData\Local\Temp\samples.sar --------- 11495862  
       01.06.2013 16:08     C:\Users\***AD~1\AppData\Local\Temp\InterVideo --------- 0  
       01.06.2013 16:05     C:\Users\***AD~1\AppData\Local\Temp\EvernoteSetup.log --------- 8079  
       01.06.2013 15:57     C:\Users\***AD~1\AppData\Local\Temp\1697578F-4785-438B-A317-63A0A8A76E11 --------- 0  
       01.06.2013 15:56     C:\Users\***AD~1\AppData\Local\Temp\MSI54b1f.LOG --------- 202  
       01.06.2013 15:56     C:\Users\***AD~1\AppData\Local\Temp\MSI54b1a.LOG --------- 202  
       01.06.2013 15:56     C:\Users\***AD~1\AppData\Local\Temp\MSI54b15.LOG --------- 220  
       01.06.2013 15:56     C:\Users\***AD~1\AppData\Local\Temp\MSI54b10.LOG --------- 206  
       01.06.2013 15:56     C:\Users\***AD~1\AppData\Local\Temp\MSI54b0b.LOG --------- 206  
       01.06.2013 15:54     C:\Users\***AD~1\AppData\Local\Temp\PCULog0.txt --------- 3971  
       01.06.2013 15:54     C:\Users\***AD~1\AppData\Local\Temp\_TMP540215436 --------- 2  
       01.06.2013 15:54     C:\Users\***AD~1\AppData\Local\Temp\_TMP540222844 --------- 2  
       01.06.2013 15:16     C:\Users\***AD~1\AppData\Local\Temp\DEMD9AE.tmp --------- 32038  
       01.06.2013 12:35     C:\Users\***AD~1\AppData\Local\Temp\qtsingleapp-NokiaO-b889-2-lockfile --------- 0  
       01.06.2013 12:08     C:\Users\***AD~1\AppData\Local\Temp\_isdelet.ini --------- 1266  
       01.06.2013 12:07     C:\Users\***AD~1\AppData\Local\Temp\pft9158~tmp --------- 4096  
       01.06.2013 12:07     C:\Users\***AD~1\AppData\Local\Temp\plf9108.tmp --------- 4533  
       01.06.2013 11:33     C:\Users\***AD~1\AppData\Local\Temp\NOSEventMessages.dll --------- 1536  
       01.06.2013 01:02     C:\Users\***AD~1\AppData\Local\Temp\iProInstLogs --------- 4096  
       01.06.2013 01:02     C:\Users\***AD~1\AppData\Local\Temp\Intel©_PROSet_Wireless_Software_20130601010027.log --------- 34543  
       01.06.2013 01:02     C:\Users\***AD~1\AppData\Local\Temp\Intel©_PROSet_Wireless_Software_20130601010027_2_WiFi.log --------- 2362376  
       01.06.2013 01:01     C:\Users\***AD~1\AppData\Local\Temp\PanDhcpDnsInstall.txt --------- 645  
       01.06.2013 01:01     C:\Users\***AD~1\AppData\Local\Temp\Intel©_PROSet_Wireless_Software_20130601010027_1_Driver.log --------- 1950450  
       01.06.2013 00:59     C:\Users\***AD~1\AppData\Local\Temp\LMBCInstall.log --------- 1025696  
       01.06.2013 00:55     C:\Users\***AD~1\AppData\Local\Temp\btwinlog.txt --------- 134141  
       01.06.2013 00:43     C:\Users\***AD~1\AppData\Local\Temp\tvsuSetup.log --------- 1462340  
       09.05.2013 21:22     C:\Users\***AD~1\AppData\Local\Temp\Search.ico --------- 4286  
       09.05.2013 21:22     C:\Users\***AD~1\AppData\Local\Temp\Delete.ico --------- 4158  
       09.05.2013 21:22     C:\Users\***AD~1\AppData\Local\Temp\AdwCleaner.jpg --------- 16291  
       09.05.2013 21:22     C:\Users\***AD~1\AppData\Local\Temp\Donate.ico --------- 4286  
       09.05.2013 21:22     C:\Users\***AD~1\AppData\Local\Temp\Uninstall.ico --------- 4030  
       14.03.2013 10:22     C:\Users\***AD~1\AppData\Local\Temp\DT.gadget.~0000 --------- 3330794  
       09.03.2013 19:29     C:\Users\***AD~1\AppData\Local\Temp\qtsingleapp-NokiaO-b889-1-lockfile --------- 0  
       23.01.2013 12:54     C:\Users\***AD~1\AppData\Local\Temp\Low --------- 0  
       23.01.2013 11:37     C:\Users\***AD~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
       25.09.2009 21:03     C:\Users\***AD~1\AppData\Local\Temp\config.ini --------- 185  
       25.09.2009 15:38     C:\Users\***AD~1\AppData\Local\Temp\UninstallerGer.dll --------- 770048  
       25.09.2009 15:38     C:\Users\***AD~1\AppData\Local\Temp\WtgDriverInstallX.dll --------- 24576  
       25.09.2009 15:38     C:\Users\***AD~1\AppData\Local\Temp\UninstallerIta.dll --------- 688128  
      ----------------------------------------
      
       
      C:\Program Files
      
       01.06.2013 01:01     C:\Program Files\Intel --------- 4096  
       18.05.2013 11:06     C:\Program Files\ThinkVantage Fingerprint Software --------- 12288  
       18.05.2013 11:01     C:\Program Files\Common Files --------- 4096  
       17.05.2013 11:04     C:\Program Files\Internet Explorer --------- 4096  
       05.05.2013 19:25     C:\Program Files\Lenovo --------- 4096  
       05.05.2013 01:06     C:\Program Files\CCleaner --------- 4096  
       14.03.2013 04:01     C:\Program Files\Microsoft Silverlight --------- 4096  
       08.03.2013 12:32     C:\Program Files\DIFX --------- 0  
       09.02.2013 00:05     C:\Program Files\AuthenTec --------- 0  
       07.10.2012 14:54     C:\Program Files\iTunes --------- 4096  
       07.10.2012 14:53     C:\Program Files\iPod --------- 0  
       02.09.2012 23:32     C:\Program Files\Intel Corporation --------- 0  
       01.09.2012 20:36     C:\Program Files\Shark007 --------- 4096  
       01.09.2012 09:50     C:\Program Files\Windows Mail --------- 4096  
       01.09.2012 09:50     C:\Program Files\Windows Sidebar --------- 4096  
       01.09.2012 09:50     C:\Program Files\DVD Maker --------- 4096  
       01.09.2012 09:50     C:\Program Files\Windows Media Player --------- 4096  
       01.09.2012 09:50     C:\Program Files\Windows Photo Viewer --------- 4096  
       01.09.2012 09:50     C:\Program Files\Windows Journal --------- 4096  
       01.09.2012 09:50     C:\Program Files\Windows Defender --------- 4096  
       26.08.2012 12:23     C:\Program Files\Oracle --------- 0  
       20.08.2012 00:39     C:\Program Files\DivX --------- 4096  
       20.08.2012 00:28     C:\Program Files\VideoLAN --------- 0  
       19.08.2012 23:08     C:\Program Files\Bonjour --------- 0  
       18.08.2012 22:30     C:\Program Files\Adobe --------- 0  
       18.08.2012 19:03     C:\Program Files\Google --------- 0  
       18.08.2012 17:01     C:\Program Files\Microsoft Office --------- 0  
       18.08.2012 16:53     C:\Program Files\Windows NT --------- 4096  
       18.08.2012 16:53     C:\Program Files\Gemeinsame Dateien --------- 0  
       19.07.2012 19:19     C:\Program Files\Windows Live --------- 0  
       19.07.2012 19:19     C:\Program Files\Protector Suite --------- 0  
       19.07.2012 19:17     C:\Program Files\MLPS --------- 0  
       19.07.2012 19:16     C:\Program Files\Lenovo Graphics Software --------- 0  
       19.07.2012 19:16     C:\Program Files\DisplayLink Core Software --------- 8192  
       19.07.2012 19:15     C:\Program Files\ThinkPad --------- 0  
       19.07.2012 19:12     C:\Program Files\Realtek --------- 0  
       19.07.2012 19:05     C:\Program Files\Synaptics --------- 0  
       21.11.2010 05:31     C:\Program Files\Windows Portable Devices --------- 0  
       14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0  
       14.07.2009 07:32     C:\Program Files\MSBuild --------- 0  
       14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0  
       14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174  
      ----------------------------------------
      
       
      C:\ProgramData\.. 
      
      ***ADMIN    
      Beamer    
      Public    
      Default    
      Default User    
      All Users    
      desktop.ini    
      ----------------------------------------
      
       
      C:\Windows\system32\drivers\etc\hosts
      
      ***
      ----------------------------------------
      
       
      
      Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
      ========================= ======== ================ =========== ===============
      System Idle Process              0 Services                   0            24 K
      System                           4 Services                   0           936 K
      smss.exe                       572 Services                   0         1.200 K
      csrss.exe                      956 Services                   0         5.084 K
      wininit.exe                    592 Services                   0         4.572 K
      csrss.exe                      660 Console                    1        54.628 K
      services.exe                   692 Services                   0        13.444 K
      lsass.exe                      744 Services                   0        15.312 K
      lsm.exe                        972 Services                   0         4.808 K
      winlogon.exe                  1036 Console                    1         7.448 K
      svchost.exe                   1144 Services                   0        11.044 K
      ibmpmsvc.exe                  1252 Services                   0         3.928 K
      svchost.exe                   1308 Services                   0        11.472 K
      svchost.exe                   1408 Services                   0        21.004 K
      svchost.exe                   1456 Services                   0       252.292 K
      svchost.exe                   1492 Services                   0        49.192 K
      svchost.exe                   1616 Services                   0         5.848 K
      svchost.exe                   1672 Services                   0        15.884 K
      DisplayLinkManager.exe        1764 Services                   0        13.624 K
      svchost.exe                   1920 Services                   0        19.412 K
      svchost.exe                    628 Services                   0        19.364 K
      upeksvr.exe                   1728 Console                    1        11.936 K
      wlanext.exe                   2200 Services                   0        16.128 K
      conhost.exe                   2208 Services                   0         2.804 K
      spoolsv.exe                   2292 Services                   0        14.016 K
      sched.exe                     2340 Services                   0         2.004 K
      AcPrfMgrSvc.exe               2496 Services                   0         9.856 K
      schedul2.exe                  2528 Services                   0         5.940 K
      armsvc.exe                    2572 Services                   0         3.912 K
      afcdpsrv.exe                  2612 Services                   0         7.236 K
      avguard.exe                   2640 Services                   0        32.748 K
      AppleMobileDeviceService.     2700 Services                   0         9.584 K
      mDNSResponder.exe             2764 Services                   0         6.076 K
      btwdins.exe                   2960 Services                   0         7.700 K
      EvtEng.exe                    3040 Services                   0        14.016 K
      FBService.exe                 2072 Services                   0         4.472 K
      avshadow.exe                  2900 Services                   0         4.120 K
      DisplayLinkUserAgent.exe      1928 Console                    1         6.472 K
      HeciServer.exe                3192 Services                   0         5.536 K
      iviRegMgr.exe                 3232 Services                   0         4.120 K
      Jhi_service.exe               3260 Services                   0         5.424 K
      taskhost.exe                  3528 Console                    1         9.704 K
      dwm.exe                       3608 Console                    1        39.192 K
      explorer.exe                  3652 Console                    1        99.464 K
      AcDeskBandHlpr.exe            3836 Console                    1        11.312 K
      TPKNRSVC.exe                  3964 Services                   0         3.292 K
      vcamsvc.exe                   3988 Services                   0        15.276 K
      lvvsst.exe                    4020 Services                   0         6.488 K
      LSSrvc.exe                    4040 Services                   0         4.372 K
      virtscrl.exe                  4060 Console                    1         7.624 K
      NBService.exe                 2212 Services                   0         7.968 K
      PMBDeviceInfoProvider.exe     3572 Services                   0         4.612 K
      RegSrvc.exe                   3668 Services                   0         7.600 K
      svchost.exe                   3824 Services                   0         9.028 K
      TPHKSVC.exe                   3268 Services                   0         6.544 K
      WebUpdateSvc4.exe             3888 Services                   0         6.056 K
      tpnumlkd.exe                  1732 Console                    1         7.584 K
      WLIDSVC.EXE                   1644 Services                   0        12.100 K
      mini_WMCore.exe               4136 Services                   0         7.528 K
      WLIDSVCM.EXE                  4180 Services                   0         3.476 K
      ZeroConfigService.exe         4192 Services                   0        17.532 K
      AcSvc.exe                     4232 Services                   0        19.260 K
      FXSSVC.exe                    4304 Services                   0         6.932 K
      unsecapp.exe                  4312 Services                   0         5.332 K
      WmiPrvSE.exe                  4388 Services                   0        10.596 K
      micmute.exe                   4424 Services                   0         7.936 K
      tphkload.exe                  4500 Services                   0        10.352 K
      rundll32.exe                  4808 Console                    1         3.860 K
      TPONSCR.exe                   4824 Console                    1         6.784 K
      shtctky.exe                   4832 Console                    1         6.980 K
      TpShocks.exe                  4976 Console                    1         4.968 K
      TpKnrres.exe                  4988 Console                    1         7.984 K
      schedhlp.exe                  5040 Console                    1         4.672 K
      ico.exe                       5056 Console                    1         4.248 K
      FSRremoS.EXE                  5092 Console                    1         6.672 K
      hkcmd.exe                     4100 Console                    1         6.812 K
      igfxpers.exe                  4792 Console                    1         9.724 K
      SynTPEnh.exe                  5144 Console                    1        14.384 K
      PELMICED.EXE                  5164 Console                    1         8.292 K
      RAVCpl64.exe                  5236 Console                    1        10.768 K
      RAVBg64.exe                   5244 Console                    1        10.476 K
      NokiaSuite.exe                5252 Console                    1        55.672 K
      BTTray.exe                    5268 Console                    1        15.008 K
      iusb3mon.exe                  5364 Console                    1         5.400 K
      pcee4.exe                     5432 Console                    1        35.972 K
      rundll32.exe                  5448 Console                    1         3.928 K
      rundll32.exe                  5592 Console                    1        16.472 K
      avgnt.exe                     5624 Console                    1         7.860 K
      MemMonG12.exe                 5676 Console                    1         5.452 K
      FMAPP.exe                     5864 Console                    1         3.376 K
      MobileAccess.exe              5984 Console                    1        46.656 K
      HOSTS_Anti-Adware_main.ex     5992 Console                    1         7.572 K
      svchost.exe                   5604 Services                   0         5.212 K
      SearchIndexer.exe             5684 Services                   0        23.156 K
      WUDFHost.exe                  4380 Services                   0         5.868 K
      SCHTASK.EXE                   1552 Console                    1         6.256 K
      WUDFHost.exe                  6156 Services                   0         5.336 K
      rundll32.exe                  6292 Console                    1         4.844 K
      svchost.exe                   6344 Services                   0         5.972 K
      PWMDBSVC.exe                  6388 Services                   0         7.056 K
      BTStackServer.exe             6464 Console                    1        25.388 K
      ServiceLayer.exe              6772 Services                   0         7.252 K
      SvcGuiHlpr.exe                6836 Services                   0         8.824 K
      SynTPHelper.exe               6980 Console                    1         3.680 K
      NclUSBSrv64.exe               7068 Services                   0         4.312 K
      NclRSSrv.exe                  4292 Services                   0         3.384 K
      NclMSBTSrvEx.exe              6632 Console                    1         5.624 K
      taskeng.exe                   3168 Console                    1         6.496 K
      MCPLaunch.exe                 4148 Console                    1           528 K
      PrivacyIconClient.exe         3912 Console                    1        33.536 K
      svchost.exe                   2628 Services                   0         5.900 K
      LMS.exe                       7924 Services                   0         5.596 K
      UNS.exe                       3952 Services                   0        15.180 K
      PresentationFontCache.exe     5224 Services                   0        22.092 K
      MacheenService.exe            8040 Services                   0        18.932 K
      NwSapAutoWorkstationUpdat     7396 Services                   0         7.240 K
      VIPAppService.exe             7208 Services                   0         5.924 K
      audiodg.exe                   7988 Services                   0        18.104 K
      taskhost.exe                  6012 Console                    1        11.704 K
      WmiPrvSE.exe                  7756 Services                   0         7.184 K
      firefox.exe                   5860 Console                    1       189.556 K
      cmd.exe                       8964 Console                    1         3.816 K
      conhost.exe                   7488 Console                    1         5.948 K
      tasklist.exe                  1604 Console                    1         5.760 K
      
       
      ***** Ende des Scans 01.06.2013 um 18:03:06,72 ***

    • OTL

      Code:
      OTL logfile created on: 01.06.2013 17:14:54 - Run 1
      OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
      64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
       
      15,70 Gb Total Physical Memory | 12,91 Gb Available Physical Memory | 82,19% Memory free
      31,40 Gb Paging File | 28,43 Gb Available in Paging File | 90,54% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]
       
      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 450,62 Gb Total Space | 353,38 Gb Free Space | 78,42% Space Free | Partition Type: NTFS
      Drive D: | 465,76 Gb Total Space | 452,76 Gb Free Space | 97,21% Space Free | Partition Type: NTFS
      Drive E: | 465,76 Gb Total Space | 6,96 Gb Free Space | 1,49% Space Free | Partition Type: NTFS
      Drive Q: | 13,67 Gb Total Space | 2,89 Gb Free Space | 21,17% Space Free | Partition Type: NTFS
       
      Computer Name: ***| User Name: *** | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
       
      ========== Processes (SafeList) ==========
       
      PRC - [2013.06.01 17:14:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
      PRC - [2013.06.01 17:02:17 | 000,302,961 | ---- | M] () -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
      PRC - [2013.05.25 16:42:11 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      PRC - [2013.05.07 22:32:09 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
      PRC - [2013.04.23 06:54:00 | 001,667,368 | ---- | M] (Lenovo) -- C:\Program Files (x86)\***Pad\Utilities\PWMDBSVC.EXE
      PRC - [2013.04.23 06:54:00 | 000,127,784 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\***Pad\UTILIT~1\SCHTASK.exe
      PRC - [2013.04.19 15:30:20 | 000,583,744 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
      PRC - [2013.04.19 15:30:20 | 000,125,504 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
      PRC - [2013.04.19 15:30:16 | 000,127,072 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe
      PRC - [2013.04.17 13:02:54 | 000,155,864 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
      PRC - [2013.04.17 13:02:50 | 000,032,480 | ---- | M] (Macheen) -- C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
      PRC - [2013.03.30 13:40:44 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
      PRC - [2013.03.30 13:40:29 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
      PRC - [2013.03.18 17:26:10 | 000,272,680 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
      PRC - [2013.03.18 17:26:00 | 000,133,416 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
      PRC - [2013.03.18 17:25:40 | 000,846,120 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
      PRC - [2013.03.18 17:07:58 | 000,602,112 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
      PRC - [2013.02.11 01:29:33 | 000,131,072 | ---- | M] (Lenovo) -- C:\ProgramData\Lenovo\G12\MemMonG12.exe
      PRC - [2013.01.28 14:22:44 | 000,188,200 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe
      PRC - [2013.01.28 14:22:38 | 000,293,672 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TpKnrres.exe
      PRC - [2013.01.28 14:22:34 | 000,061,736 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe
      PRC - [2013.01.16 13:05:24 | 000,278,800 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
      PRC - [2012.12.21 18:56:44 | 001,090,040 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
      PRC - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
      PRC - [2012.12.19 10:49:16 | 000,127,464 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
      PRC - [2012.12.19 10:49:12 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
      PRC - [2012.08.19 00:41:16 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
      PRC - [2012.06.19 20:23:10 | 000,165,568 | ---- | M] (SAP AG) -- C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
      PRC - [2012.05.15 16:45:22 | 000,065,336 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
      PRC - [2012.04.19 00:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
      PRC - [2012.02.28 10:20:58 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      PRC - [2012.02.28 10:20:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      PRC - [2012.02.28 10:20:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      PRC - [2012.02.26 20:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      PRC - [2012.02.03 10:30:06 | 000,655,400 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
      PRC - [2012.01.17 08:29:24 | 000,169,776 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
      PRC - [2011.09.22 22:21:12 | 000,395,344 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
      PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
      PRC - [2008.08.29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
       
       
      ========== Modules (No Company Name) ==========
       
      MOD - [2013.06.01 17:02:17 | 000,302,961 | ---- | M] () -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
      MOD - [2013.05.25 16:42:11 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
      MOD - [2013.05.17 08:01:23 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
      MOD - [2013.05.17 07:59:55 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
      MOD - [2013.05.17 07:59:44 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
      MOD - [2013.05.17 07:59:40 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
      MOD - [2013.05.17 07:59:33 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
      MOD - [2013.05.17 07:59:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
      MOD - [2013.02.14 16:57:06 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
      MOD - [2013.02.14 16:57:02 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll
      MOD - [2013.01.13 14:41:39 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
      MOD - [2013.01.13 14:41:19 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
      MOD - [2013.01.13 14:25:00 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
      MOD - [2013.01.13 14:24:47 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
      MOD - [2013.01.13 14:24:44 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
      MOD - [2013.01.13 14:24:41 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
      MOD - [2012.12.21 18:57:44 | 000,276,984 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
      MOD - [2012.12.21 18:57:44 | 000,093,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
      MOD - [2012.12.21 18:57:28 | 002,653,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
      MOD - [2012.12.21 18:57:28 | 000,364,536 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
      MOD - [2012.12.21 18:57:26 | 011,166,712 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
      MOD - [2012.12.21 18:57:24 | 000,206,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
      MOD - [2012.12.21 18:57:22 | 001,347,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
      MOD - [2012.12.21 18:57:22 | 001,014,776 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
      MOD - [2012.12.21 18:57:22 | 000,720,888 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
      MOD - [2012.12.21 18:57:20 | 008,507,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
      MOD - [2012.12.21 18:57:20 | 000,520,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
      MOD - [2012.12.21 18:57:18 | 002,481,144 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
      MOD - [2012.12.21 18:57:18 | 002,354,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
      MOD - [2012.12.21 18:57:14 | 000,446,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
      MOD - [2012.12.21 18:57:10 | 000,207,352 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
      MOD - [2012.12.21 18:57:10 | 000,035,832 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
      MOD - [2012.12.21 18:57:08 | 000,033,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
      MOD - [2012.12.21 18:56:40 | 000,438,264 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
      MOD - [2012.12.21 18:56:00 | 000,606,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
      MOD - [2012.12.21 16:29:52 | 000,391,600 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
      MOD - [2012.12.21 16:29:52 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
      MOD - [2012.12.21 16:29:14 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
      MOD - [2012.07.20 04:55:07 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
      MOD - [2012.07.20 04:54:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
      MOD - [2010.11.21 05:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
      MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
       
       
      ========== Services (SafeList) ==========
       
      SRV:64bit: - [2012.12.11 07:22:08 | 000,060,272 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
      SRV:64bit: - [2011.12.28 22:48:24 | 000,049,480 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
      SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
      SRV - [2013.06.01 17:02:17 | 000,285,795 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)
      SRV - [2013.05.25 16:42:11 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
      SRV - [2013.05.17 23:36:44 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
      SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
      SRV - [2013.04.23 06:54:00 | 001,667,368 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\***Pad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
      SRV - [2013.04.23 06:54:00 | 001,664,808 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\***Pad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc)
      SRV - [2013.04.23 06:54:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\***Pad\Utilities\DZSVC64.EXE -- (DozeSvc)
      SRV - [2013.04.19 15:30:20 | 000,125,504 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
      SRV - [2013.04.19 15:30:16 | 000,127,072 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
      SRV - [2013.04.19 15:30:02 | 000,145,808 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
      SRV - [2013.04.17 13:02:50 | 000,032,480 | ---- | M] (Macheen) [Auto | Running] -- C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe -- (MacheenService)
      SRV - [2013.04.11 15:30:30 | 000,022,376 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
      SRV - [2013.03.30 13:40:44 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
      SRV - [2013.03.30 13:40:29 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
      SRV - [2013.03.18 17:26:10 | 000,272,680 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
      SRV - [2013.03.18 17:26:00 | 000,133,416 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
      SRV - [2013.02.19 20:34:50 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
      SRV - [2013.02.08 17:40:34 | 003,386,608 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
      SRV - [2013.02.08 17:40:08 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
      SRV - [2013.02.08 17:39:48 | 000,621,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
      SRV - [2013.02.08 17:39:14 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
      SRV - [2013.01.28 14:22:44 | 000,188,200 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM)
      SRV - [2013.01.28 14:22:34 | 000,061,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
      SRV - [2013.01.28 14:22:14 | 000,058,664 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
      SRV - [2013.01.21 08:40:38 | 001,006,384 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\***Pad\Bluetooth Software\btwdins.exe -- (btwdins)
      SRV - [2013.01.16 13:05:24 | 000,278,800 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe -- (WebUpdate4)
      SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
      SRV - [2012.08.19 00:41:16 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
      SRV - [2012.08.18 22:15:43 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
      SRV - [2012.08.18 22:15:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
      SRV - [2012.08.10 20:49:38 | 000,136,288 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
      SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
      SRV - [2012.06.19 20:23:10 | 000,165,568 | ---- | M] (SAP AG) [Auto | Running] -- C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe -- (NWSAPAutoWorkstationUpdateSvc)
      SRV - [2012.05.10 15:45:58 | 000,143,936 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
      SRV - [2012.04.19 00:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
      SRV - [2012.02.28 10:20:58 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
      SRV - [2012.02.28 10:20:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
      SRV - [2012.02.28 10:20:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
      SRV - [2012.02.03 10:30:06 | 000,655,400 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
      SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
      SRV - [2012.01.17 08:29:24 | 000,169,776 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService)
      SRV - [2011.11.09 20:11:05 | 008,447,848 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Programme\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
      SRV - [2011.09.22 22:21:28 | 001,114,280 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
      SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
      SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
      SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
      SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
      SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
      SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
      SRV - [2008.08.29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
      SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
       
       
      ========== Driver Services (SafeList) ==========
       
      DRV:64bit: - [2013.04.23 06:54:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
      DRV:64bit: - [2013.04.23 06:54:00 | 000,020,736 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
      DRV:64bit: - [2013.03.30 13:40:47 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
      DRV:64bit: - [2013.03.30 13:40:47 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
      DRV:64bit: - [2013.03.30 13:40:47 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
      DRV:64bit: - [2013.02.25 23:26:08 | 000,470,256 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
      DRV:64bit: - [2013.02.19 20:34:56 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
      DRV:64bit: - [2013.02.05 11:00:26 | 011,518,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
      DRV:64bit: - [2012.12.11 07:22:08 | 000,042,824 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
      DRV:64bit: - [2012.12.04 01:08:28 | 000,598,808 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
      DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
      DRV:64bit: - [2012.09.25 03:32:10 | 000,165,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
      DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
      DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
      DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
      DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
      DRV:64bit: - [2012.08.20 17:23:52 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
      DRV:64bit: - [2012.08.19 01:39:28 | 000,117,888 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmnsusbser.sys -- (cmnsusbser)
      DRV:64bit: - [2012.08.19 00:41:17 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
      DRV:64bit: - [2012.08.19 00:41:13 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273)
      DRV:64bit: - [2012.08.19 00:41:09 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
      DRV:64bit: - [2012.08.19 00:41:04 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
      DRV:64bit: - [2012.07.23 11:11:44 | 000,148,328 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
      DRV:64bit: - [2012.07.20 04:59:52 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
      DRV:64bit: - [2012.07.17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
      DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
      DRV:64bit: - [2012.05.30 13:42:10 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
      DRV:64bit: - [2012.05.02 03:48:28 | 000,184,144 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
      DRV:64bit: - [2012.04.19 17:36:26 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
      DRV:64bit: - [2012.04.19 17:36:26 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
      DRV:64bit: - [2012.03.28 13:16:48 | 000,216,704 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
      DRV:64bit: - [2012.03.26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
      DRV:64bit: - [2012.03.06 08:59:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
      DRV:64bit: - [2012.03.06 08:59:40 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
      DRV:64bit: - [2012.02.26 20:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
      DRV:64bit: - [2012.02.26 20:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
      DRV:64bit: - [2012.02.26 20:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
      DRV:64bit: - [2012.01.13 10:08:42 | 000,102,440 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l36wgps64.sys -- (l36wgps)
      DRV:64bit: - [2012.01.11 05:30:58 | 000,360,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
      DRV:64bit: - [2011.12.28 22:48:24 | 000,025,416 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
      DRV:64bit: - [2011.12.26 11:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
      DRV:64bit: - [2011.12.08 23:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
      DRV:64bit: - [2011.12.08 23:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
      DRV:64bit: - [2011.12.07 18:59:52 | 000,027,432 | ---- | M] (***Vantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd)
      DRV:64bit: - [2011.12.07 10:54:20 | 000,282,152 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ)
      DRV:64bit: - [2011.12.05 21:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
      DRV:64bit: - [2011.10.05 11:38:32 | 000,029,736 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
      DRV:64bit: - [2011.10.05 11:38:30 | 000,026,664 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
      DRV:64bit: - [2011.09.17 22:08:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
      DRV:64bit: - [2011.08.22 15:47:50 | 000,483,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3Mdm.sys -- (Mbm3Mdm)
      DRV:64bit: - [2011.08.22 15:47:50 | 000,430,664 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys -- (Mbm3DevMt)
      DRV:64bit: - [2011.08.22 15:47:50 | 000,019,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3mdfl.sys -- (Mbm3mdfl)
      DRV:64bit: - [2011.08.22 15:47:44 | 000,419,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3CBus.sys -- (Mbm3CBus)
      DRV:64bit: - [2011.05.29 12:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
      DRV:64bit: - [2011.05.25 17:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
      DRV:64bit: - [2011.05.12 15:03:12 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\17D5.tmp -- (MEMSWEEP2)
      DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
      DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
      DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
      DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
      DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
      DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
      DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
      DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
      DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
      DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
      DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
      DRV:64bit: - [2007.09.20 07:14:48 | 000,022,016 | R--- | M] (Primax Electronics Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PELMOUBT.SYS -- (pelmoubt)
      DRV:64bit: - [2007.09.20 07:11:18 | 000,016,384 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PELBTM.SYS -- (pelbtm)
      DRV:64bit: - [2007.08.13 08:24:26 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
      DRV:64bit: - [2007.04.16 20:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
      DRV - [2012.03.26 16:07:06 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
      DRV - [2011.05.30 17:21:40 | 000,013,128 | ---- | M] (Authentec Inc.) [Kernel | Auto | Running] -- C:\Programme\***Vantage Fingerprint Software\smihlp.sys -- (smihlp)
      DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
      DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
       
       
      ========== Standard Registry (SafeList) ==========
       
       
      ========== Internet Explorer ==========
       
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope = 
       
       
      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
       
      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
       
      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
       
      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
       
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=hp&installDate=01/06/2013
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 6C BF 68 FE 06 CE 01  [binary data]
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\..\SearchScopes,DefaultScope = 
      IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
       
      ========== FireFox ==========
       
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "about:home"
      FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.5
      FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
      FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&installDate=01/06/2013&q="
      FF - user.js - File not found
       
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
       
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2013.03.04 19:56:04 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.20 00:39:13 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP2X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2013.03.04 19:56:04 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.25 16:42:11 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.25 16:42:08 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.20 19:22:29 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.05.20 19:22:30 | 000,000,000 | ---D | M]
       
      [2012.08.18 17:32:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
      [2013.06.01 15:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\jnrp5q9p.default\extensions
      [2013.05.18 10:48:09 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\jnrp5q9p.default\extensions\firefox@ghostery.com
      [2012.08.18 17:38:49 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\jnrp5q9p.default\extensions\elemhidehelper@adblockplus.org.xpi
      [2013.05.25 16:14:57 | 000,534,261 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\jnrp5q9p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      [2012.12.12 23:24:02 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\jnrp5q9p.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
      [2013.05.25 16:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      [2013.05.25 16:42:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
       
      O1 HOSTS File: ([2013.05.06 18:30:31 | 000,000,863 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: ***
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
      O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
      O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O3 - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
      O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
      O4:64bit: - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\SysNative\ico.exe (Primax Electronics Ltd.)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [ResetACGauge] C:\Program Files (x86)\Lenovo\Access Connections\smbhlpr.exe (Lenovo)
      O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
      O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
      O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
      O4 - HKLM..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
      O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
      O4 - HKLM..\Run: [MemMonG12] C:\ProgramData\Lenovo\G12\MemMonG12.exe (Lenovo)
      O4 - HKLM..\Run: [MobileAccess] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe (Lenovo)
      O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\***Pad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
      O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000..\Run: []  File not found
      O4 - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
      O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
      O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
      O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
      O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
      O16 - DPF: {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///D:/launch.ocx (Launch Control)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD58A476-2D14-416F-ADB0-434DC232BE90}: NameServer = 139.7.30.126 139.7.30.125
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF3E438A-458F-4851-B448-8FDA3E82FDD6}: DhcpNameServer = 192.168.1.1
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
      O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
      O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\***Vantage Fingerprint Software\psqlpwd.dll) - C:\Programme\***Vantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2008.09.10 09:01:34 | 000,000,000 | -H-D | M] - E:\autorun -- [ NTFS ]
      O32 - Unable to obtain root file information for disk E:\
      O32 - Unable to obtain root file information for disk Q:\
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
       
      ========== Files/Folders - Created Within 30 Days ==========
       
      [2013.06.01 17:14:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
      [2013.06.01 17:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
      [2013.06.01 16:05:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Evernote
      [2013.06.01 15:24:59 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
      [2013.06.01 15:24:56 | 000,000,000 | ---D | C] -- C:\JRT
      [2013.06.01 15:16:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
      [2013.06.01 15:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
      [2013.06.01 12:11:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
      [2013.06.01 12:11:34 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
      [2013.06.01 12:11:34 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
      [2013.06.01 12:11:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
      [2013.06.01 12:11:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
      [2013.06.01 12:11:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
      [2013.06.01 12:11:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
      [2013.06.01 12:11:34 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
      [2013.06.01 12:11:34 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
      [2013.06.01 12:11:31 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
      [2013.06.01 12:11:30 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
      [2013.06.01 12:11:30 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
      [2013.06.01 12:11:30 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
      [2013.06.01 12:11:30 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
      [2013.06.01 12:11:29 | 002,670,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
      [2013.06.01 12:11:29 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
      [2013.06.01 12:11:29 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
      [2013.06.01 12:11:27 | 003,608,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
      [2013.06.01 12:11:27 | 000,824,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
      [2013.06.01 12:11:27 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
      [2013.06.01 12:11:27 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
      [2013.06.01 12:11:27 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
      [2013.06.01 12:11:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
      [2013.06.01 12:11:27 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
      [2013.06.01 12:11:26 | 001,251,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
      [2013.06.01 12:11:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
      [2013.06.01 12:11:25 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
      [2013.06.01 12:11:25 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
      [2013.06.01 12:11:24 | 002,886,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
      [2013.06.01 12:11:24 | 000,102,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
      [2013.06.01 12:11:23 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
      [2013.06.01 12:11:23 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
      [2013.06.01 12:11:23 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
      [2013.06.01 12:11:23 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
      [2013.06.01 12:11:23 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
      [2013.06.01 12:11:17 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
      [2013.06.01 12:11:05 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
      [2013.06.01 12:11:05 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
      [2013.06.01 12:11:05 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
      [2013.06.01 12:11:05 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
      [2013.06.01 12:11:05 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
      [2013.06.01 12:11:05 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
      [2013.06.01 12:11:04 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
      [2013.06.01 12:11:04 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
      [2013.06.01 12:11:04 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
      [2013.06.01 12:11:04 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
      [2013.06.01 12:11:03 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
      [2013.06.01 12:11:03 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
      [2013.06.01 12:11:03 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
      [2013.06.01 12:11:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
      [2013.06.01 12:11:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
      [2013.06.01 12:11:03 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
      [2013.06.01 12:11:01 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
      [2013.06.01 12:11:01 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
      [2013.06.01 11:59:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Synaptics
      [2013.06.01 11:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Mobile Access
      [2013.06.01 11:36:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CompanyDir
      [2013.06.01 11:33:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\MobileAccess
      [2013.06.01 01:01:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
      [2013.06.01 01:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
      [2013.06.01 01:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav
      [2013.06.01 01:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
      [2013.06.01 00:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MacheenService
      [2013.06.01 00:52:59 | 000,210,984 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
      [2013.06.01 00:52:59 | 000,184,144 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
      [2013.06.01 00:52:59 | 000,039,976 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
      [2013.06.01 00:52:59 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
      [2013.05.25 16:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2013.05.20 19:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
      [2013.05.18 11:03:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
      [2013.05.18 11:03:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
      [2013.05.18 11:03:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
      [2013.05.18 11:03:37 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
      [2013.05.18 11:03:36 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
      [2013.05.18 11:03:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
      [2013.05.18 11:03:32 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
      [2013.05.18 11:03:32 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
      [2013.05.18 11:03:32 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
      [2013.05.18 11:03:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
      [2013.05.18 11:03:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
      [2013.05.18 11:03:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      [2013.05.18 11:03:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      [2013.05.18 11:03:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
      [2013.05.18 11:03:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
      [2013.05.18 11:03:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
      [2013.05.18 11:03:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
      [2013.05.18 11:03:31 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
      [2013.05.18 11:03:31 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
      [2013.05.18 11:03:31 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
      [2013.05.18 11:03:31 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
      [2013.05.18 11:03:31 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
      [2013.05.18 11:03:31 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
      [2013.05.18 11:03:31 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
      [2013.05.18 11:03:31 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
      [2013.05.18 11:03:31 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
      [2013.05.18 11:03:31 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
      [2013.05.18 11:03:31 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
      [2013.05.18 11:03:31 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
      [2013.05.18 11:03:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
      [2013.05.18 11:03:31 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
      [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
      [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
      [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
      [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
      [2013.05.18 11:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA
      [2013.05.17 07:56:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
      [2013.05.17 07:56:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
      [2013.05.17 07:56:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
      [2013.05.17 07:56:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
      [2013.05.17 07:56:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
      [2013.05.17 07:56:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
      [2013.05.17 07:56:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
      [2013.05.17 07:56:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
      [2013.05.17 07:56:45 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
      [2013.05.17 07:56:45 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
      [2013.05.17 07:56:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
      [2013.05.17 07:56:45 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
      [2013.05.17 07:56:44 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
      [2013.05.17 07:56:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
      [2013.05.17 07:56:44 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
      [2013.05.17 07:51:11 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
      [2013.05.17 07:51:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
      [2013.05.17 07:50:44 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
      [2013.05.17 07:50:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
      [2013.05.17 07:50:43 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
      [2013.05.17 07:50:43 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
      [2013.05.17 07:50:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
      [2013.05.07 22:32:46 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
      [2013.05.05 19:25:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\LSC
      [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
       
      ========== Files - Modified Within 30 Days ==========
       
      [2013.06.01 17:17:54 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013.06.01 17:17:54 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013.06.01 17:14:37 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013.06.01 17:14:37 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
      [2013.06.01 17:14:37 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013.06.01 17:14:37 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
      [2013.06.01 17:14:37 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013.06.01 17:14:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
      [2013.06.01 17:09:51 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
      [2013.06.01 17:09:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013.06.01 17:09:00 | 4055,732,222 | -HS- | M] () -- C:\hiberfil.sys
      [2013.06.01 16:31:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013.06.01 11:35:53 | 000,000,227 | ---- | M] () -- C:\ProgramData\LastUpdate.xml
      [2013.06.01 11:35:52 | 000,000,031 | ---- | M] () -- C:\Windows\WebUpdateSvc4.INI
      [2013.06.01 01:20:37 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
      [2013.06.01 00:54:40 | 000,000,890 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
      [2013.05.17 23:36:44 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
      [2013.05.17 23:36:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      [2013.05.17 11:05:22 | 002,974,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013.05.07 22:32:36 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
      [2013.05.06 19:22:13 | 000,002,048 | ---- | M] () -- C:\Users\***\Desktop\Adobe Acrobat 7.0 Standard.lnk
      [2013.05.06 19:22:10 | 000,002,030 | ---- | M] () -- C:\Users\***\Desktop\Adobe Reader XI.lnk
      [2013.05.06 19:21:57 | 000,001,087 | ---- | M] () -- C:\Users\***\Desktop\Oracle VM VirtualBox.lnk
      [2013.05.06 18:56:51 | 000,001,254 | ---- | M] () -- C:\Users\***\Desktop\Välkomna! Vokabeltrainer.lnk
      [2013.05.05 13:39:20 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
      [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
      [1 C:\Windows\SysNative\drivers\UMDF\*.tmp files -> C:\Windows\SysNative\drivers\UMDF\*.tmp -> ]
       
      ========== Files Created - No Company Name ==========
       
      [2013.06.01 12:11:25 | 000,272,629 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
      [2013.06.01 11:35:53 | 000,000,227 | ---- | C] () -- C:\ProgramData\LastUpdate.xml
      [2013.06.01 11:35:52 | 000,000,031 | ---- | C] () -- C:\Windows\WebUpdateSvc4.INI
      [2013.06.01 01:20:37 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
      [2013.06.01 00:59:47 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Mobile Access.lnk
      [2013.05.12 14:56:08 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
      [2013.05.06 19:22:13 | 000,002,048 | ---- | C] () -- C:\Users\***\Desktop\Adobe Acrobat 7.0 Standard.lnk
      [2013.05.06 19:22:10 | 000,002,030 | ---- | C] () -- C:\Users\***\Desktop\Adobe Reader XI.lnk
      [2013.05.06 19:21:57 | 000,001,087 | ---- | C] () -- C:\Users\***\Desktop\Oracle VM VirtualBox.lnk
      [2013.05.06 18:56:51 | 000,001,254 | ---- | C] () -- C:\Users\***\Desktop\Välkomna! Vokabeltrainer.lnk
      [2013.02.19 20:35:12 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
      [2013.02.19 20:35:12 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
      [2013.02.19 20:34:56 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
      [2012.09.10 21:23:21 | 001,064,960 | ---- | C] () -- C:\Windows\SysWow64\h5krnl32.dll
      [2012.09.10 21:23:21 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\h5menu32.dll
      [2012.09.10 21:23:21 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\h5rtf32.dll
      [2012.09.10 21:23:21 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\h5tool32.dll
      [2012.09.10 21:23:20 | 000,188,928 | ---- | C] () -- C:\Windows\SysWow64\h5icon32.dll
      [2012.08.19 02:47:29 | 000,035,404 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat
      [2012.08.19 01:22:03 | 000,039,095 | ---- | C] () -- C:\Windows\iccsigs.dat
      [2012.08.19 01:22:02 | 000,112,688 | ---- | C] () -- C:\Windows\SysWow64\shw32.dll
      [2012.08.18 23:14:19 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Hybrid Basic
      [2012.08.18 23:14:19 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\Home
      [2012.08.18 23:04:36 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Commands
      [2012.08.18 23:04:36 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\ColorTable
      [2012.08.18 23:04:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
      [2012.08.18 22:54:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
      [2012.08.18 16:53:44 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
      [2012.07.19 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
      [2012.07.19 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
      [2012.07.19 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
      [2012.07.19 19:13:39 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
      [2012.07.19 19:13:38 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
      [2012.07.19 19:06:42 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
       
      ========== ZeroAccess Check ==========
       
      [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
       
      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
       
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
       
      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
       
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
       
      ========== LOP Check ==========
       
      [2012.11.18 23:17:01 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\Leadertech
      [2013.05.05 19:19:07 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\Lenovo
      [2012.11.18 23:17:11 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\LSC
      [2013.05.25 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\Notepad++
      [2013.05.05 19:14:49 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\PC Suite
      [2012.11.18 23:19:18 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\PwrMgr
      [2013.05.25 17:47:29 | 000,000,000 | ---D | M] -- C:\Users\Beamer\AppData\Roaming\SAP
      [2012.08.19 03:10:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Acronis
      [2012.10.07 14:38:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
      [2013.06.01 15:17:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
      [2012.08.26 23:11:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
      [2013.02.09 13:43:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
      [2012.09.01 21:24:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo
      [2012.08.18 17:09:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
      [2013.02.09 00:00:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lenovo
      [2013.05.05 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LSC
      [2012.08.18 23:14:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nikon
      [2013.05.13 11:55:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia
      [2013.03.09 19:32:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia Suite
      [2013.04.27 12:10:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++
      [2013.03.08 18:04:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
      [2012.08.18 17:17:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PwrMgr
      [2013.05.25 16:33:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SAP
      [2012.09.01 20:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Shark007
      [2013.06.01 11:59:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Synaptics
      [2012.08.18 18:03:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
       
      ========== Purity Check ==========
       
       
      
      < End of report >
      Code:
      OTL Extras logfile created on: 01.06.2013 17:14:54 - Run 1
      OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
      64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
       
      15,70 Gb Total Physical Memory | 12,91 Gb Available Physical Memory | 82,19% Memory free
      31,40 Gb Paging File | 28,43 Gb Available in Paging File | 90,54% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]
       
      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 450,62 Gb Total Space | 353,38 Gb Free Space | 78,42% Space Free | Partition Type: NTFS
      Drive D: | 465,76 Gb Total Space | 452,76 Gb Free Space | 97,21% Space Free | Partition Type: NTFS
      Drive E: | 465,76 Gb Total Space | 6,96 Gb Free Space | 1,49% Space Free | Partition Type: NTFS
      Drive Q: | 13,67 Gb Total Space | 2,89 Gb Free Space | 21,17% Space Free | Partition Type: NTFS
       
      Computer Name: *** | User Name: *** | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
       
      ========== Extra Registry (SafeList) ==========
       
       
      ========== File Associations ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .html[@ = ChromeHTML] -- Reg Error: Key error. File not found
      .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
      .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
       
      [HKEY_USERS\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Classes\<extension>]
      .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
       
      ========== Shell Spawning ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
      http [open] -- Reg Error: Key error.
      https [open] -- Reg Error: Key error.
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
      InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
      http [open] -- Reg Error: Key error.
      https [open] -- Reg Error: Key error.
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
       
      ========== Security Center Settings ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "cval" = 1
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
      "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
      "AntiVirusOverride" = 0
      "AntiSpywareOverride" = 0
      "FirewallOverride" = 0
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
       
      ========== Firewall Settings ==========
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0
       
      ========== Authorized Applications List ==========
       
       
      ========== Vista Active Open Ports Exception List ==========
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{70D9EDA0-D3AB-429D-992D-02771B5007A9}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
      "{F8770F31-D6A8-4BF4-B612-338066D80871}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
      "{FC653B5C-6913-4068-92CD-A0F51F830154}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
       
      ========== Vista Active Application Exception List ==========
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{15E922B4-E91A-44BA-975D-3835722D5CA2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
      "{17FB4784-615C-41DB-B696-C51544B7D14F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
      "{2BE9130D-85E6-4CAB-8CCE-1B55E5B644C8}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | 
      "{339CA5DA-8EBF-4938-A7B4-14F762F52468}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
      "{43A0C780-729C-458F-90B1-5B5C70990725}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
      "{5806D96A-D8E5-48ED-BA12-F2AA143B1639}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
      "{60AFEBC9-B57F-4F0F-88A3-58FC69D7485E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
      "{67C33633-FCB9-45CD-857F-9E749B704FFE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
      "{6C27B3B8-41A6-49B7-8095-0798C4924E96}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
      "{6E03812C-38A3-4091-AAD7-91A5E5DB9190}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | 
      "{719AFDEC-7119-4081-9C75-4CB802FC57AD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
      "{8370E760-07D2-4E9A-9519-EB0A2BC464F3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
      "{89140443-14C0-4544-B172-A559D6900745}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
      "{89C43CDC-9FD0-4FF6-A4D1-87118DF795C2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
      "{9ECCA97E-9A43-40C1-92F6-0A9ED2A7F925}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
      "{A4F9D9D7-64C5-44FF-8551-4CACDEB0AF79}" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
      "{AB88094F-E178-4FF2-BE48-02DEAE683DD5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
      "{AFE9FC75-C5FE-4816-BCC4-315FC14C87C4}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
      "{C75AF9C6-D712-45B4-B55A-ECB81E01A444}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
      "{F63AC2A4-AFC6-4980-B2E0-6C173BB0EDA9}" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
      "{F667E5F7-34C0-4F84-8D8E-01C3AF9B6F00}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | 
      "TCP Query User{9B4E31A8-9F98-4421-B126-8DFC3C23497C}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
      "UDP Query User{7B45B754-C975-4847-9408-B8F9CCD3A4A9}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
       
      ========== HKEY_LOCAL_MACHINE Uninstall List ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
      "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
      "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
      "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
      "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
      "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
      "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
      "{3849486C-FF09-4F5D-B491-3E179D58EE15}" = Message Center Plus
      "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ***Vantage System für aktiven Festplattenschutz
      "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
      "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
      "{5DEFFC02-063C-4781-A371-077729F869B4}" = Lenovo Solution Center
      "{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot Shield
      "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
      "{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
      "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
      "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
      "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
      "{728985C5-A04B-457C-9D62-15360F3EAF85}" = Intel(R) WiDi
      "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
      "{7C6CD9B4-B230-4E76-80AA-FB465FF4DE29}" = Intel(R) PROSet/Wireless WiFi Software Driver
      "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
      "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
      "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
      "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ***Vantage Communications Utility
      "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
      "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
      "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
      "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
      "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
      "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
      "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
      "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
      "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = ***Pad Bluetooth with Enhanced Data Rate Software
      "{A1D577BD-692D-4AC9-98DF-8E3C33B792E4}" = Oracle VM VirtualBox 4.1.20
      "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
      "{A8CAC260-092D-41DA-A38F-73AF4226B021}" = Lenovo Graphics Software
      "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
      "{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}" = Lenovo Patch Utility 64 bit
      "{B57D4097-F2FE-4222-BA02-46C6EC8B7944}" = DisplayLink Core Software
      "{BF601122-9F0A-41A9-BA06-3158D9FB4B80}" = Lenovo SimpleTap
      "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
      "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
      "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
      "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
      "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
      "{DEF50764-F1A7-4DD4-B8BA-C81A4807631A}" = Intel® PROSet/Wireless WiFi Software
      "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
      "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
      "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
      "{F58DA859-016E-492D-A588-317D9BB28002}" = ***Vantage Fingerprint Software
      "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
      "09839A9B5EDA69DA2DCC34637B5140AAF8A53B44" = Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020)
      "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
      "72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)
      "97EE1802A0385A37DE6323FA39EC76BEB2D73E41" = Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011)
      "9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8" = Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011)
      "A4EEF8BC45A8EED2C8090601368F19B9357FC46E" = Windows-Treiberpaket - Synaptics (SynTP) Mouse  (03/01/2012 16.0.2.0)
      "CCleaner" = CCleaner
      "D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35" = Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011)
      "DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
      "E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)
      "E3535F123E7F666D573665142F90D3E5004DC326" = Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)
      "EC2A0F2B229770EC589265FCF2B4839A0C221993" = Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0)
      "EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
      "LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
      "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
      "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
      "MouseSuite98" = Lenovo Mouse Suite
      "OnScreenDisplay" = Anzeige am Bildschirm
      "Power Management Driver" = Lenovo Power Management Driver
      "SynTPDeinstKey" = Synaptics Pointing Device Driver
      "VLC media player" = VLC media player 2.1.0-git
      "x64 Components_is1" = x64 Components v3.7.6
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
      "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
      "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
      "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
      "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
      "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
      "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
      "{0AD3DEBC-5321-457E-8B43-8F546940169B}" = Joe
      "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
      "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
      "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
      "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
      "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
      "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
      "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
      "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
      "{11939E00-2BEC-4AE1-B373-E8C1F3FBC7FA}" = Accent EXCEL Password Recovery
      "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
      "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
      "{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
      "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
      "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
      "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
      "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
      "{1D2FF661-4402-4D75-AA40-B23FCAF81D32}" = Lenovo Patch Utility
      "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
      "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
      "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
      "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
      "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
      "{2385C070-EC26-4AB9-8718-E605C977C0ED}" = Microsoft redistributable runtime DLLs VS2010 SP1 (x86)
      "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
      "{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update
      "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
      "{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
      "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
      "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
      "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
      "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
      "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
      "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
      "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
      "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
      "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
      "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
      "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
      "{4AC4DAE6-46E6-4211-B785-F20961E0A9D0}" = FormsForWeb® Filler 3.2.2
      "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
      "{4DD171A1-70FB-48EE-8844-98A7AA4C8DCC}" = Lenovo Mobile Access
      "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
      "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
      "{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
      "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
      "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
      "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
      "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
      "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
      "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
      "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
      "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
      "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
      "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
      "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
      "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
      "{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
      "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
      "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
      "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
      "{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
      "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
      "{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}" = ***Vantage GPS
      "{6dc311e6-5f94-4934-9e77-d3991d628f84}" = Nero 9
      "{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
      "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
      "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
      "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
      "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
      "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
      "{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
      "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
      "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
      "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
      "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
      "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
      "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
      "{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
      "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
      "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
      "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
      "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
      "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
      "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ***Vantage Access Connections
      "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
      "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
      "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
      "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
      "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
      "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
      "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
      "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
      "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
      "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
      "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
      "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
      "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
      "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
      "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
      "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
      "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
      "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
      "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
      "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
      "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
      "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
      "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
      "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      "{9C551D9B-5D36-46A2-9414-F658D934B129}" = ***Vantage Access Connections
      "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
      "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
      "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
      "{A2FEAED3-17DB-4D60-867B-8FA5B7105F2C}" = Snap.Do
      "{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
      "{A4FEF04E-604F-2834-374C-D36AFA9FA113}" = Välkomna! Vokabeltrainer
      "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
      "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
      "{A78800AF-1779-4AE8-8EBE-16E1BE727C71}" = Integrated Camera Driver Installer Package Ver.1.2.1.18
      "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
      "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
      "{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}" = Lenovo Mobile Broadband Activation
      "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
      "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
      "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
      "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
      "{AC76BA86-1033-F400-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard - English, Français, Deutsch
      "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
      "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
      "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
      "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
      "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
      "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
      "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
      "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
      "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
      "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
      "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
      "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
      "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
      "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
      "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
      "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
      "{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
      "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
      "{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
      "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
      "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
      "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
      "{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86)
      "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
      "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
      "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
      "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
      "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Energie-Manager
      "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
      "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
      "{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
      "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
      "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
      "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
      "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
      "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
      "{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
      "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
      "{EA9640BE-414E-4195-B53B-7905BF1A5A09}" = Mobile Broadband Drivers
      "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
      "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
      "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
      "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
      "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
      "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
      "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
      "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
      "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
      "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
      "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
      "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
      "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
      "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
      "{fad118b4-798f-4755-9e67-a622eec95b62}" = Intel® PROSet/Wireless Software
      "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
      "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
      "{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
      "{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
      "Adobe Acrobat 7.0 Standard - EFG - V" = Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch
      "Adobe AIR" = Adobe AIR
      "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
      "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
      "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
      "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
      "AudibleDownloadManager" = Audible Download Manager
      "AudibleManager" = AudibleManager
      "Avira AntiVir Desktop" = Avira Free Antivirus
      "Capture NX 2" = Capture NX 2
      "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
      "Corel Applications" = Corel Applications
      "DivX Setup" = DivX-Setup
      "Fastboot" = RapidBoot HDD Accelerator
      "Free YouTube Download_is1" = Free YouTube Download version 3.1.34.823
      "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
      "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
      "Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
      "MozillaMaintenanceService" = Mozilla Maintenance Service
      "MVApplication1" = SureThing CD Labeler 4 SE
      "Nokia PC Suite" = Nokia PC Suite
      "Nokia Suite" = Nokia Suite
      "Notepad++" = Notepad++
      "Office14.SingleImage" = Microsoft Office Home and Student 2010
      "SAP_Engineering Client Viewer 7.0" = Engineering Client Viewer 7.0
      "SAP_WUS" = SAPSetup Automatic Workstation Update Service
      "SAPGUI710" = SAP GUI for Windows 7.30
      "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.20
      "SugarSync" = SugarSync Manager
      "WinLiveSuite" = Windows Live Essentials
      "WinZip" = WinZip
       
      ========== HKEY_USERS Uninstall List ==========
       
      [HKEY_USERS\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "FileZilla Client" = FileZilla Client 3.6.0.2
       
      ========== HKEY_USERS Uninstall List ==========
       
      [HKEY_USERS\S-1-5-21-2472223549-3450205605-2806634343-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "FileZilla Client" = FileZilla Client 3.6.0.2
       
      ========== Last 20 Event Log Errors ==========
       
      [ Application Events ]
      Error - 01.06.2013 11:10:23 | Computer Name = *** | Source = WinMgmt | ID = 10
      Description = 
       
      [ Lenovo-Message Center Plus/Admin Events ]
      Error - 17.05.2013 10:01:34 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 20.05.2013 06:48:47 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 20.05.2013 06:48:49 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 20.05.2013 06:48:52 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 22.05.2013 08:52:13 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 22.05.2013 08:52:15 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 22.05.2013 08:52:18 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 23.05.2013 02:40:39 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 23.05.2013 02:40:41 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      Error - 23.05.2013 02:40:44 | Computer Name = *** | Source = Lenovo-Message Center Plus/Admin | ID = 2
      Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
      Der angegebene Host ist unbekannt
       
      [ System Events ]
      Error - 01.06.2013 11:09:51 | Computer Name = *** | Source = Service Control Manager | ID = 7009
      Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
       HOSTS Anti-PUPs erreicht.
       
      Error - 01.06.2013 11:09:51 | Computer Name = *** | Source = Service Control Manager | ID = 7000
      Description = Der Dienst "HOSTS Anti-PUPs" wurde aufgrund folgenden Fehlers nicht
       gestartet:   %%1053
       
      Error - 01.06.2013 11:10:21 | Computer Name = *** | Source = Service Control Manager | ID = 7009
      Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
       Lenovo Camera Mute erreicht.
       
      Error - 01.06.2013 11:10:39 | Computer Name = *** | Source = Service Control Manager | ID = 7026
      Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
         cdrom
       
       
      < End of report >
    • SARSCAN
      Code:
      Sophos Anti-Rootkit Version 1.5.20  (c) 2009 Sophos Plc
      Started logging on 01.06.2013 at 16:14:12
      User "***" on computer "***"
      Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
      Info:	Starting registry scan.
      Info:	Starting disk scan of C: (NTFS).
      Hidden:	file C:\Windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.6029\MSORES.DLL
      Hidden:	file C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer.exe
      Info:	Starting disk scan of D: (NTFS).
      Info:	Starting disk scan of E: (NTFS).
      Info:	Starting disk scan of Q: (NTFS).
      Stopped logging on 01.06.2013 at 16:57:36
      
      
      Sophos Anti-Rootkit Version 1.5.20  (c) 2009 Sophos Plc
      Started logging on 01.06.2013 at 17:27:08
      User "***" on computer "***"
      Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
      Info:	Starting registry scan.
      Info:	Starting disk scan of C: (NTFS).
      Info:	Starting disk scan of D: (NTFS).
      Info:	Starting disk scan of E: (NTFS).
      Info:	Starting disk scan of Q: (NTFS).
      Stopped logging on 01.06.2013 at 17:55:41
    Geändert von tigerbine (03.06.2013 um 01:27 Uhr)

  2. #2
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: Toolbar deinstallieren

    Herzlich Willkommen hier bei uns am HijackThis Supportboard!

    **Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** , und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
    Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
    ► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!
    ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
    Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten, anderenfalls können unerwünschte Effekte auftreten.
    ► Falls unvorhersehbare Probleme auftreten sollten, bitte stoppen und um sofortige Rückmeldung! Bis auf weiteres (ohne Abspräche) keine eigenen Aktivitäten vornehmen!

    Kein PN, alle Mitteilungen in deinem Thread!

    ► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
    **Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

    1.
    Ohne oder mit deine Zustimmung auf dein Rechner gelandet?
    Code:
    feed.snapdo.com
    2.
    Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
    • Download den CCleaner
    • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
    • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
    • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)


    Bitte alle Ergebnisse im Code-Tags posten!

    vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
    hier kommt dein Logfile rein
    dahinter - also am Ende der Logdatei:[/code]

    Wie es geht:-> Logfiles in Code-Tags setzen
    gruß
    kira
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

  3. #3
    Vielschreiber
    Registriert seit
    14.06.2006
    Beiträge
    326

    AW: Toolbar deinstallieren

    1. Akzeptiert.

    2. Ohne meine wissentliche" Zustimmung (Es gab kein Feld zum Flaggen, wie es "sonst" bei Toolbars ist)

    3.
    Code:
    Accent EXCEL Password Recovery	Passcovery Co. Ltd.	10.02.2013	5,93MB	7.0.48.2579
    Acronis*True*Image*Home 2011	Acronis	19.08.2012	249MB	14.0.6942
    Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch	Adobe Systems	01.06.2013		7.1.0
    Adobe AIR	Adobe Systems Incorporated	01.06.2013		3.7.0.1860
    Adobe Anchor Service x64 CS4		09.12.2011		
    Adobe CMaps x64 CS4		09.12.2011		
    Adobe CSI CS4 x64		09.12.2011		
    Adobe Drive CS4 x64		09.12.2011		
    Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	01.06.2013	6,00MB	11.7.700.202
    Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	01.06.2013	6,00MB	11.7.700.202
    Adobe Fonts All x64		09.12.2011		
    Adobe Linguistics CS4 x64		09.12.2011		
    Adobe Media Player	Adobe Systems Incorporated	01.06.2013		1.1
    Adobe PDF Library Files x64 CS4		09.12.2011		
    Adobe Photoshop CS4	Adobe Systems Incorporated	01.06.2013	2,04GB	11.0
    Adobe Photoshop CS4 (64 Bit)		09.12.2011		
    Adobe Reader XI (11.0.03) - Deutsch	Adobe Systems Incorporated	16.05.2013	133MB	11.0.03
    Adobe Type Support x64 CS4		09.12.2011		
    Adobe WinSoft Linguistics Plugin x64		09.12.2011		
    Amazon MP3-Downloader 1.0.17	Amazon Services LLC	01.06.2013		1.0.17
    Anzeige am Bildschirm		01.06.2013		7.12.00
    Apple Application Support	Apple Inc.	07.10.2012	64,5MB	2.2.2
    Apple Mobile Device Support	Apple Inc.	07.10.2012	23,7MB	6.0.0.59
    Apple Software Update	Apple Inc.	19.08.2012	2,38MB	2.1.3.127
    Audible Download Manager	Audible, Inc.	01.06.2013		6.6.0.15
    AudibleManager	Audible, Inc.	01.06.2013		2006334702.48.56.35859754
    Avira Free Antivirus	Avira	01.06.2013	124MB	13.0.0.3640
    Bonjour	Apple Inc.	19.08.2012	2,00MB	3.0.0.10
    Capture NX 2	NIKON CORPORATION	01.06.2013		2.0.0
    CCleaner	Piriform	23.04.2013		4.01
    Corel Applications		01.06.2013		
    CorelDRAW Graphics Suite X3	Corel Corporation	19.08.2012	403MB	13.0
    Create Recovery Media	Lenovo Group Limited	19.07.2012	8,08MB	1.20.0.00
    DHTML Editing Component	Microsoft Corporation	10.09.2012	554KB	6.02.0001
    Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7		19.07.2012		1.00
    DisplayLink Core Software	DisplayLink Corp.	19.07.2012	20,3MB	6.1.35392.0
    DivX-Setup	DivX, LLC	01.06.2013		2.6.1.9
    Dolby Advanced Audio v2	Dolby Laboratories Inc	19.07.2012	12,9MB	7.2.7000.7
    Energie-Manager		01.06.2013		6.54
    Engineering Client Viewer 7.0	SAP AG	01.06.2013		
    File Uploader	Nikon	18.08.2012	1,65MB	1.2.5
    FileZilla Client 3.6.0.2	FileZilla Project	14.01.2013	17,1MB	3.6.0.2
    FormsForWeb® Filler 3.2.2	Lucom GmbH	01.04.2013	11,4MB	3.2.2
    Free YouTube Download version 3.1.34.823	DVDVideoSoft Ltd.	26.08.2012	84,7MB	3.1.34.823
    Integrated Camera Driver Installer Package Ver.1.2.1.18	RICOH	19.07.2012		1.2.1.18
    Intel(R) Control Center	Intel Corporation	19.07.2012		1.2.1.1007
    Intel(R) Management Engine Components	Intel Corporation	19.07.2012		8.0.3.1427
    Intel(R) OpenCL CPU Runtime	Intel Corporation	03.09.2012		
    Intel(R) Processor Graphics	Intel Corporation	18.05.2013		9.17.10.2843
    Intel(R) USB 3.0 eXtensible Host Controller Driver	Intel Corporation	19.07.2012		1.0.4.220
    Intel(R) WiDi	Intel Corporation	02.09.2012	106MB	3.1.29.0
    Intel® PROSet/Wireless Software	Intel Corporation	01.06.2013	324MB	15.6.1
    Intel® Trusted Connect Service Client	Intel Corporation	19.07.2012	10,6MB	1.23.605.1
    InterVideo WinDVD 8	InterVideo Inc.	01.09.2012	116MB	8.0-B20.121
    iTunes	Apple Inc.	07.10.2012	182MB	10.7.0.21
    Joe	Wirth IT Design	19.02.2013	496KB	4.00.0050
    Lenovo Auto Scroll Utility		01.06.2013		2.00
    Lenovo Graphics Software	Lenovo	19.07.2012	4,00KB	6.1.35401.0
    Lenovo Mobile Access	Lenovo	01.06.2013	7,65MB	3.2.30417.1301
    Lenovo Mobile Broadband Activation	Lenovo Group Limited	01.06.2013	17,2MB	4.2.1003.00
    Lenovo Mouse Suite		19.08.2012		
    Lenovo Patch Utility 64 bit	Lenovo Group Limited	01.06.2013	298KB	1.3.1.1
    Lenovo Power Management Driver		23.01.2013		1.66.00.22
    Lenovo Registration	Lenovo Inc.	19.07.2012	4,13MB	1.0.4
    Lenovo SimpleTap	Lenovo Group Limited	19.07.2012	33,6MB	3.2.0004.00
    Lenovo Solution Center	Lenovo Group Limited	05.05.2013	25,6MB	2.0.020.00
    Lenovo System Update	Lenovo	01.06.2013	12,5MB	5.02.0011
    Lenovo User Guide	Lenovo Group Limited	19.07.2012	606KB	1.0.0009.00
    Lenovo Warranty Information	Lenovo	19.07.2012	861KB	1.0.0005.00
    Lenovo Welcome	Lenovo Group Limited	19.07.2012	9,23MB	3.1.0017.00
    LightScribe System Software  1.14.17.1	LightScribe	18.08.2012	21,0MB	1.14.17.1
    Message Center Plus	Lenovo Group Limited	19.07.2012	3,59MB	3.1.0004.00
    Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	09.12.2011	38,8MB	4.0.30319
    Microsoft .NET Framework 4 Extended	Microsoft Corporation	19.07.2012	51,9MB	4.0.30319
    Microsoft Office Home and Student 2010	Microsoft Corporation	01.06.2013		14.0.6029.1000
    Microsoft redistributable runtime DLLs VS2005 SP1(x86)	SAP	10.09.2012	5,79MB	8.0.50727.4053
    Microsoft redistributable runtime DLLs VS2008 SP1(x86)	SAP AG	10.09.2012	4,62MB	9.0
    Microsoft redistributable runtime DLLs VS2010 SP1 (x86)	SAP	10.09.2012	4,05MB	10.0.40219.1
    Microsoft Silverlight	Microsoft Corporation	14.03.2013	50,6MB	5.1.20125.0
    Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	19.07.2012	1,69MB	3.1.0000
    Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	22.08.2012	298KB	8.0.59193
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	19.07.2012	252KB	9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	19.07.2012	784KB	9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	22.08.2012	788KB	9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	19.07.2012	596KB	9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	19.07.2012	592KB	9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	22.08.2012	600KB	9.0.30729.6161
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	19.07.2012	13,8MB	10.0.40219
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	19.07.2012	11,1MB	10.0.40219
    Mobile Broadband Drivers	Ericsson AB	02.09.2012		7.1.1.0
    Mozilla Firefox 21.0 (x86 de)	Mozilla	01.06.2013	45,8MB	21.0
    Mozilla Maintenance Service	Mozilla	01.06.2013	333KB	21.0
    Mozilla Thunderbird 17.0.6 (x86 de)	Mozilla	01.06.2013	43,2MB	17.0.6
    MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	20.08.2012	1,27MB	4.20.9870.0
    MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	20.08.2012	1,33MB	4.20.9876.0
    Nero 9	Nero AG	18.08.2012		
    Nikon Message Center	Nikon	18.08.2012	204KB	0.92.000
    Nikon Transfer	Nikon	18.08.2012	48,6MB	1.5.3
    Nokia Connectivity Cable Driver	Nokia	09.03.2013	3,96MB	7.1.101.0
    Nokia PC Suite	Nokia	01.06.2013		7.1.180.94
    Nokia Suite	Nokia	01.06.2013		3.7.22.0
    Notepad++	Notepad++ Team	01.06.2013		6.3.2
    Oracle VM VirtualBox 4.1.20	Oracle Corporation	26.08.2012	139MB	4.1.20
    PC Connectivity Solution	Nokia	09.03.2013	21,2MB	12.0.76.0
    Photoshop Camera Raw_x64		09.12.2011		
    Picture Control Utility	Nikon	18.08.2012	19,5MB	1.1.0
    PMB	Sony Corporation	18.08.2012	260MB	5.2.00.03250
    QuickTime	Apple Inc.	03.09.2012	73,2MB	7.72.80.56
    RapidBoot HDD Accelerator	Lenovo	01.06.2013		1.00.0802
    RapidBoot Shield	Lenovo	19.07.2012	23,3MB	1.21
    Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	01.06.2013		6.0.1.6602
    Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7		19.07.2012		1.00
    RICOH_Media_Driver_v2.14.18.01	RICOH	19.07.2012		2.14.18.01
    SAP GUI for Windows 7.30	SAP	01.06.2013		7.30 Compilation 1
    SAPSetup Automatic Workstation Update Service	SAP AG	01.06.2013		
    Skype™ 5.10	Skype Technologies S.A.	15.09.2012	19,4MB	5.10.116
    Snap.Do	ReSoft Ltd.	01.06.2013	20,4MB	1.6.1.963
    Sophos Anti-Rootkit 1.5.20	Sophos Plc	01.06.2013		1.5.20
    SugarSync Manager	SugarSync, Inc.	01.06.2013		1.9.51.86909
    SureThing CD Labeler 4 SE		01.06.2013		
    Synaptics Pointing Device Driver	Synaptics Incorporated	01.06.2013	46,4MB	16.3.15.1
    ThinkPad Bluetooth with Enhanced Data Rate Software	Broadcom Corporation	01.06.2013	822MB	6.5.1.3800
    ThinkVantage Access Connections	Lenovo	01.06.2013	102MB	6.01
    ThinkVantage Communications Utility	Lenovo	01.06.2013	20,4MB	3.0.42.0
    ThinkVantage Fingerprint Software	Authentec Inc.	18.05.2013	49,0MB	5.9.9.7282
    ThinkVantage GPS	Lenovo	02.09.2012	36,1MB	2.80
    ThinkVantage System für aktiven Festplattenschutz	Lenovo	01.06.2013	20,8MB	1.77.0.11
    VIP Access	VeriSign	19.07.2012	35,8MB	2.0.5.13
    VLC media player 2.1.0-git	VideoLAN	01.09.2012		2.1.0-git
    Välkomna! Vokabeltrainer	Ernst Klett Sprachen GmbH	18.02.2013	56,4MB	1.0
    Windows Live Essentials	Microsoft Corporation	19.07.2012		15.4.3508.1109
    Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	19.07.2012	5,57MB	15.4.5722.2
    Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0)	Intel	19.07.2012		01/11/2012 11.15.16.0
    Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020)	Intel	19.07.2012		01/11/2012 9.3.0.1020
    Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011)	Intel	19.07.2012		08/26/2011 9.3.0.1011
    Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011)	Intel	20.07.2012		08/26/2011 9.3.0.1011
    Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011)	Intel	19.07.2012		08/26/2011 9.3.0.1011
    Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)	Lenovo	19.07.2012		02/29/2012 1.65.05.20
    Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)	Nokia	08.03.2013		02/25/2011 4.7
    Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)	Nokia	08.03.2013		02/25/2011 7.01.0.9
    Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)	Nokia	09.03.2013		05/31/2012 7.1.2.0
    Windows-Treiberpaket - Synaptics (SynTP) Mouse  (03/01/2012 16.0.2.0)	Synaptics	19.07.2012		03/01/2012 16.0.2.0
    WinZip	WinZip Computing, Inc.	01.06.2013		 8.1  (4331g)
    x64 Components v3.7.6	Shark007	01.09.2012	69,9MB	3.7.6
    Danke.

  4. #4
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: Toolbar deinstallieren

    Systemreinigung und Prüfung:

    ► Wenn Du nun alle Schritte erledigt hast, melde dich mit die gewünschten Ergebnisse zurück!
    Nur bei Probleme stoppen und nachfragen


    1.
    Hast Du in Hosts - C:\Windows\System32\drivers\etc\hosts - eingetragen (also von dir absichtlich)? Wenn ja, warum?:
    O1 - Hosts: ****
    -> So können Sie die Hostdatei auf die Standardeinstellung zurücksetzen.

    2.
    Achtung wichtig!:
    Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
    (Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)



    Fixen mit OTL
    • Starte die OTL.exe.
    • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
    • Kopiere folgendes Skript (unverändert - also beginnend :OTL bis zur letzten Zeile [emptytemp] (ohne "code"!):
    Code:
    :OTL
    PRC - [2013.06.01 17:02:17 | 000,302,961 | ---- | M] () -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
    MOD - [2013.06.01 17:02:17 | 000,302,961 | ---- | M] () -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=hp&installDate=01/06/2013
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&q={searchTerms}&installDate=01/06/2013
    IE - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\..\SearchScopes,DefaultScope = 
    FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&installDate=01/06/2013&q="
    O4 - HKLM..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
    O4 - HKU\S-1-5-21-2472223549-3450205605-2806634343-1000..\Run: []  File not found
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [emptytemp]
    • und füge es hier ein:
    • Schließe alle Programme.
    • Klicke auf den Fix Button.
    • Klick auf .
    • OTL verlangt einen Neustart. Bitte zulassen.
    • Nach dem Neustart findest Du ein Textdokument.
      Kopiere den Inhalt hier in Code-Tags in Deinen Thread.


    3.
    Aktualisieren:
    Code:
     Mozilla Thunderbird
    gehe auf "Hilfe"-> "Über Thunderbird"
    Anleitung:-> Einstellungen
    -> Regelmäßig innerhalb von Thunderbird Ordner komprimieren

    4.
    Alle Programme/Fenster schließen
    Öffne CCleaner - Anleitung CCleaner
    • "Cleaner"->"Analysieren"->Klick auf den Button "Start CCleaner"
    • "Registry""Fehler suchen"-> "Fehler beheben"->"Alle beheben"
    • Starte dein System neu auf


    5.
    Tipps - Der Internet Explorer von Microsoft gehört zur Grundausstattung unter Windows, somit wie alle andere installierte Software muss gepflegt werden! Auch bei Nicht-Verwendung!:
    ->Tipps zu Internet Explorer
    -> Standard Suchmaschine des Explorers ändern
    -> Ändern oder Auswählen eines Suchanbieters in Internet Explorer 7/8
    -> Wie kann ich den Cache im Internet Explorer leeren?

    6.
    Vorbereitung

    • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
    • Bitte während der Online-Scans deaktivieren:
      Anti-Virus-Programm und Firewall.
    • Internet Explorer starten => im Menü unter Extras => Internetoption => Datenschutz => den Haken bei "Popupblocker einschalten" entfernen und
    • unter dem Reiter "Sicherheit" => die Sicherheitsstufe ggfs. auf "Mittelhoch" herabsetzen.
      Nicht vergessen, sie hinterher wieder einzuschalten bzw. die Internetoptionen wie zuvor einzustellen..
    • Während der Online-Scans auf andere Online-Aktivitäten verzichten.
    • Du musst das Herunterladen und Installieren von ActiveX-Steuerelementen (Controls) zulassen.


    • .


    Den PC NUR online scannen und NICHT ein zweites Antivirenprogramm installieren!!!

    • Eset Online Scanner (NOD32)
      • Unterstützte Betriebssysteme: Microsoft Windows 7 - Vista - XP - 2000 - NT.
      • Anmerkung für Vista und Windows 7-User: Bitte den Browser unbedingt als Administrator starten.
      • Dein Anti-Virus-Programm während des Scans deaktivieren.
      • Button "ESET Online Scanner" drücken.
      • IE-User müssen das Installieren eines ActiveX Elements erlauben.
      • Einen Haken bei "YES, I accept the Terms of Use." machen und auf den Button "Start" drücken.
      • Einen Haken bei "Remove found threads" und "Scan archives" machen.
      • Start drücken.
      • Signaturen werden heruntergeladen.
      • Der Scan beginnt automatisch.
      • Wenn fertig, das Protokoll speichern und mir posten.
        -> List of found threats
        -> Export to text file
        -> Back
        -> Delete quarantäne files
      • Finish drücken.
      • Browser schließen.
      • Deinstallation nachdem das Protokoll mir gepostet hast: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
      • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

    ► Eset Online Scanner (NOD32) Anleitung

    7.
    Adware suchen mit adwCleaner

    • Lade Dir bitte AdwCleaner auf deinen Desktop herunter.
      .

      .
    • Starte die adwcleaner.exe mit einem Doppelklick.
    • Klicke auf Suche.
    • Nach Ende des Suchlaufs oeffnet sich eine Textdatei.
    • Poste mir den Inhalt mit deiner naechsten Antwort.
    • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
    Geändert von kira (02.06.2013 um 16:29 Uhr)
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

  5. #5
    Vielschreiber
    Registriert seit
    14.06.2006
    Beiträge
    326

    AW: Toolbar deinstallieren

    Punkt 1

    bitte pn lesen

    Punkt 2

    Code:
    All processes killed
    ========== OTL ==========
    No active process named HOSTS_Anti-Adware_main.exe was found!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
    HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
    HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
    HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
    HKU\S-1-5-21-2472223549-3450205605-2806634343-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
    HKEY_USERS\S-1-5-21-2472223549-3450205605-2806634343-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Prefs.js: "http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f08996ac-c7b4-4004-9630-ba08fb70df3c&searchtype=ds&installDate=01/06/2013&q=" removed from keyword.URL
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HOSTS Anti-Adware_PUPs deleted successfully.
    C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe moved successfully.
    Registry value HKEY_USERS\S-1-5-21-2472223549-3450205605-2806634343-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows-IP-Konfiguration
    Der DNS-Aufl”sungscache wurde geleert.
    C:\Users\***\Desktop\cmd.bat deleted successfully.
    C:\Users\***\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: Beamer
    ->Temp folder emptied: 40155536 bytes
    ->Temporary Internet Files folder emptied: 76946602 bytes
    ->FireFox cache emptied: 3591057 bytes
    ->Flash cache emptied: 58709 bytes
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 57472 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Public
     
    User: ***
    ->Temp folder emptied: 187747220 bytes
    ->Temporary Internet Files folder emptied: 1629267 bytes
    ->FireFox cache emptied: 128603625 bytes
    ->Flash cache emptied: 58027 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 44576 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 134204 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66885 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 419,00 mb
     
     
    OTL by OldTimer - Version 3.2.69.0 log created on 06022013_102927
    
    Files\Folders moved on Reboot...
    C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    
    PendingFileRenameOperations files...
    
    Registry entries deleted on Reboot...
    Mache mich dann an die anderen Punkte, danke.
    Geändert von tigerbine (02.06.2013 um 18:17 Uhr)

  6. #6
    Vielschreiber
    Registriert seit
    14.06.2006
    Beiträge
    326

    AW: Toolbar deinstallieren

    CCleaner: Bis auf diesen liesen sich alle Fehler beheben.

    Code:
    Ungenutzte Datei-Endungen	{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}	HKCR\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}
    Eset:

    Code:
    ohne Befund
    AdwCleaner.
    Code:
    # AdwCleaner v2.301 - Datei am 02/06/2013 um 17:49:25 erstellt
    # Aktualisiert am 16/05/2013 von Xplode
    # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
    # Benutzer : *** - ***-***
    # Bootmodus : Normal
    # Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
    # Option [Suche]
    
    
    **** [Dienste] ****
    
    
    ***** [Dateien / Ordner] *****
    
    
    ***** [Registrierungsdatenbank] *****
    
    
    ***** [Internet Browser] *****
    
    -\\ Internet Explorer v9.0.8112.16483
    
    [OK] Die Registrierungsdatenbank ist sauber.
    
    -\\ Mozilla Firefox v21.0 (de)
    
    Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jnrp5q9p.default\prefs.js
    
    [OK] Die Datei ist sauber.
    
    Datei : C:\Users\Beamer\AppData\Roaming\Mozilla\Firefox\Profiles\s24rkj85.default\prefs.js
    
    [OK] Die Datei ist sauber.
    
    *************************
    
    AdwCleaner[R2].txt - [2898 octets] - [10/02/2013 19:59:35]
    AdwCleaner[R3].txt - [2956 octets] - [10/02/2013 20:01:08]
    AdwCleaner[R4].txt - [984 octets] - [02/06/2013 17:49:25]
    AdwCleaner[S2].txt - [2995 octets] - [10/02/2013 20:01:33]
    AdwCleaner[S3].txt - [4300 octets] - [01/06/2013 15:33:05]
    AdwCleaner[S4].txt - [1244 octets] - [01/06/2013 17:07:57]
    
    ########## EOF - C:\AdwCleaner[R4].txt - [1223 octets] ##########

  7. #7
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: Toolbar deinstallieren

    Zitat Zitat von tigerbine Beitrag anzeigen
    nach einem Download bei chip.de hatte ich eine Toolbar (nicht über haken, ggf. in den Nutzungsbedingungen? ...)
    Leider oft tragen sich "ungebetene Gäste (Erweiterungen wie Toolbars, Pluggins, Start- und Suchseite) direkt in die Suchleiste, Startseite und unter Erweiterungen ein" und sie können schon wirklich lästig sein... meistens aus Unwissenheit oder Ignoranz wird mitinstalliert, manche davon gehört sogar zur gefährlichsten Art der Adware , oder auch zum eine "Foistware-Gruppe".
    Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
    Während der Installation die Lizenzbestimmungen IMMER lesen, und nicht sofort überall den Haken setzen bzw gesetzten Haken belassen, weil damit stimmt man nämlich zu, dass andere "Fremdprogramm", oder sogar Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.

    In diese Kategorie gehören noch einige, wie z.B: -> Unerwünschte Toolbars
    Was zu tun nach/während jedem Download aus dem Internet?:
    • In der Systemsteuerung unter Software/Programme kontrollieren - ob sich ungewollte Toolbar, Programm, etc) eingeschlichen hat?
    • Im Browser - unter Erweiterungen (Extras -> Erweiterungen) nachschauen, ob ganz bewusst und gewollt installiert?
    • Browser-Start/Suchseite - die aktuelle Webseite als Startseite, Suchanbieter von dir festgelegt wurden?
    hast Du das richtige Logdatei von adwCleaner gepostet? hat nichts gefunden?
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

  8. #8
    Vielschreiber
    Registriert seit
    14.06.2006
    Beiträge
    326

    AW: Toolbar deinstallieren

    direkt nach dem Vorfall habe ich selbst versucht die Toolbar zu entfernen. Aus dem Firefox. Auch Adware hatte ich schon mal laufen lassen. Hier die logs.

    Code:
    # AdwCleaner v2.301 - Datei am 01/06/2013 um 15:33:05 erstellt
    # Aktualisiert am 16/05/2013 von Xplode
    # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
    # Benutzer : ****** - ******-***
    # Bootmodus : Normal
    # Ausgeführt unter : C:\Users\******\Downloads\adwcleaner.exe
    # Option [Löschen]
    
    
    **** [Dienste] ****
    
    
    ***** [Dateien / Ordner] *****
    
    Datei Gelöscht : C:\Users\Beamer\AppData\Roaming\Mozilla\Firefox\Profiles\s24rkj85.default\searchplugins\Web Search.xml
    Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
    Ordner Gelöscht : C:\Users\***AD~1\AppData\Local\Temp\Smartbar
    
    ***** [Registrierungsdatenbank] *****
    
    Schlüssel Gelöscht : HKCU\Software\SmartbarLog
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BHO
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    
    ***** [Internet Browser] *****
    
    -\\ Internet Explorer v9.0.8112.16483
    
    [OK] Die Registrierungsdatenbank ist sauber.
    
    -\\ Mozilla Firefox v21.0 (de)
    
    Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\jnrp5q9p.default\prefs.js
    
    [OK] Die Datei ist sauber.
    
    Datei : C:\Users\Beamer\AppData\Roaming\Mozilla\Firefox\Profiles\s24rkj85.default\prefs.js
    
    Gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
    
    *************************
    
    AdwCleaner[R2].txt - [2898 octets] - [10/02/2013 19:59:35]
    AdwCleaner[R3].txt - [2956 octets] - [10/02/2013 20:01:08]
    AdwCleaner[S2].txt - [2995 octets] - [10/02/2013 20:01:33]
    AdwCleaner[S3].txt - [4193 octets] - [01/06/2013 15:33:05]
    
    ########## EOF - C:\AdwCleaner[S3].txt - [4253 octets] ##########
    Code:
    # AdwCleaner v2.301 - Datei am 01/06/2013 um 17:07:57 erstellt
    # Aktualisiert am 16/05/2013 von Xplode
    # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
    # Benutzer : ****** - ******-***
    # Bootmodus : Normal
    # Ausgeführt unter : C:\Users\******\Desktop\Security\adwcleaner.exe
    # Option [Löschen]
    
    
    **** [Dienste] ****
    
    
    ***** [Dateien / Ordner] *****
    
    
    ***** [Registrierungsdatenbank] *****
    
    
    ***** [Internet Browser] *****
    
    -\\ Internet Explorer v9.0.8112.16483
    
    [OK] Die Registrierungsdatenbank ist sauber.
    
    -\\ Mozilla Firefox v21.0 (de)
    
    Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\jnrp5q9p.default\prefs.js
    
    [OK] Die Datei ist sauber.
    
    Datei : C:\Users\Beamer\AppData\Roaming\Mozilla\Firefox\Profiles\s24rkj85.default\prefs.js
    
    [OK] Die Datei ist sauber.
    
    *************************
    
    AdwCleaner[R2].txt - [2898 octets] - [10/02/2013 19:59:35]
    AdwCleaner[R3].txt - [2956 octets] - [10/02/2013 20:01:08]
    AdwCleaner[S2].txt - [2995 octets] - [10/02/2013 20:01:33]
    AdwCleaner[S3].txt - [4300 octets] - [01/06/2013 15:33:05]
    AdwCleaner[S4].txt - [1115 octets] - [01/06/2013 17:07:57]
    
    ########## EOF - C:\AdwCleaner[S4].txt - [1175 octets] ##########

  9. #9
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: Toolbar deinstallieren

    erneut einen Scan mit OTL: - ältere Logdateien löschen!
    • Doppelklick auf die OTL.exe
    • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
    • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
    • Unter Extra Registry, wähle bitte Use SafeList
    • Mache Häckchen bei LOP- und Purity-Prüfung.
    • Klicke nun auf Run Scan links oben
    • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
    • Poste die Logfiles in Code-Tags hier in den Thread.


    ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

  10. #10
    Vielschreiber
    Registriert seit
    14.06.2006
    Beiträge
    326

    AW: Toolbar deinstallieren

    Code:
    OTL logfile created on: 03.06.2013 13:27:49 - Run 2
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\******\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    15,70 Gb Total Physical Memory | 13,40 Gb Available Physical Memory | 85,36% Memory free
    31,40 Gb Paging File | 28,86 Gb Available in Paging File | 91,90% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 450,62 Gb Total Space | 347,59 Gb Free Space | 77,13% Space Free | Partition Type: NTFS
    Drive Q: | 13,67 Gb Total Space | 2,89 Gb Free Space | 21,17% Space Free | Partition Type: NTFS
     
    Computer Name: ******-*** | User Name: ****** | Logged in as ***istrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\******\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Program Files (x86)\***Pad\Utilities\PWMDBSVC.EXE (Lenovo)
    PRC - C:\PROGRA~2\***Pad\UTILIT~1\SCHTASK.exe (Lenovo Group Limited)
    PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
    PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
    PRC - C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
    PRC - C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe (Lenovo)
    PRC - C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe (Macheen)
    PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
    PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
    PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo)
    PRC - C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo)
    PRC - C:\ProgramData\Lenovo\G12\MemMonG12.exe (Lenovo)
    PRC - C:\Programme\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
    PRC - C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
    PRC - C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
    PRC - C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
    PRC - C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe (Data Perceptions / PowerProgrammer)
    PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
    PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
    PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
    PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
    PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
    PRC - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG)
    PRC - C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe (Lenovo)
    PRC - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Ericsson AB)
    PRC - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Lenovo)
    PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
    PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()
    MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.)
    SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.)
    SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    SRV - (HOSTS Anti-PUPs) -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe ()
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\***Pad\Utilities\PWMDBSVC.EXE (Lenovo)
    SRV - (PwmEWSvc) -- C:\Program Files (x86)\***Pad\Utilities\PWMEWSVC.EXE (Lenovo Group Limited)
    SRV - (DozeSvc) -- C:\Program Files (x86)\***Pad\Utilities\DZSVC64.EXE (Lenovo.)
    SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
    SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
    SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
    SRV - (MacheenService) -- C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe (Macheen)
    SRV - (SUService) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe ()
    SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
    SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
    SRV - (AcSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
    SRV - (AcPrfMgrSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
    SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
    SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
    SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV - (LENOVO.TVTVCAM) -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
    SRV - (LENOVO.TPKNRSVC) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
    SRV - (LENOVO.CAMMUTE) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
    SRV - (btwdins) -- C:\Programme\***Pad\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
    SRV - (WebUpdate4) -- C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe (Data Perceptions / PowerProgrammer)
    SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
    SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
    SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
    SRV - (Lenovo.VIRTSCRLSVC) -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (NWSAPAutoWorkstationUpdateSvc) -- C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG)
    SRV - (HyperW7Svc) -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe (Lenovo Group Limited)
    SRV - (VIPAppService) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
    SRV - (WMCoreService) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Ericsson AB)
    SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
    SRV - (FastbootService) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Lenovo)
    SRV - (DisplayLinkService) -- C:\Programme\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.)
    SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
    SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
    SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - (DzHDD64) -- C:\Windows\SysNative\drivers\DZHDD64.SYS (Lenovo.)
    DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS (Lenovo Group Limited)
    DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
    DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
    DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
    DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
    DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
    DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
    DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
    DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
    DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (Mobile Connector)
    DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
    DRV:64bit: - (tdrpman273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
    DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
    DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
    DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
    DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
    DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
    DRV:64bit: - (5U877) -- C:\Windows\SysNative\drivers\5U877.sys (Ricoh co.,Ltd.)
    DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
    DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
    DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
    DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
    DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
    DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
    DRV:64bit: - (l36wgps) -- C:\Windows\SysNative\drivers\l36wgps64.sys (Ericsson AB)
    DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
    DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.)
    DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo Information Product(ShenZhen China) Inc.)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (tvtvcamd) -- C:\Windows\SysNative\drivers\tvtvcamd.sys (***Vantage Communications Utility)
    DRV:64bit: - (WwanUsbServ) -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys (Ericsson AB)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (ecnssndisfltr) -- C:\Windows\SysNative\drivers\wwussf64.sys (Ericsson AB)
    DRV:64bit: - (ecnssndis) -- C:\Windows\SysNative\drivers\wwuss64.sys (Ericsson AB)
    DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
    DRV:64bit: - (Mbm3Mdm) -- C:\Windows\SysNative\drivers\Mbm3Mdm.sys (MCCI Corporation)
    DRV:64bit: - (Mbm3DevMt) -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys (MCCI Corporation)
    DRV:64bit: - (Mbm3mdfl) -- C:\Windows\SysNative\drivers\Mbm3mdfl.sys (MCCI Corporation)
    DRV:64bit: - (Mbm3CBus) -- C:\Windows\SysNative\drivers\Mbm3CBus.sys (MCCI Corporation)
    DRV:64bit: - (TVTI2C) -- C:\Windows\SysNative\drivers\tvti2c.sys (Lenovo Information Product(ShenZhen China) Inc.)
    DRV:64bit: - (risdxc) -- C:\Windows\SysNative\drivers\risdxc64.sys (REDC)
    DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
    DRV:64bit: - (pelmoubt) -- C:\Windows\SysNative\drivers\PELMOUBT.SYS (Primax Electronics Ltd.)
    DRV:64bit: - (pelbtm) -- C:\Windows\SysNative\drivers\PELBTM.SYS (Primax Electronics Ltd.)
    DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.sys (Samsung Electronics)
    DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
    DRV - (PHCORE) -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys (Lenovo Group Limited)
    DRV - (smihlp) -- C:\Programme\***Vantage Fingerprint Software\smihlp.sys (Authentec Inc.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = 
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 28 1C 2A 95 5F CE 01  [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "about:home"
    FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.5
    FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2013.03.04 19:56:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.20 00:39:13 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP2X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2013.03.04 19:56:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.25 16:42:11 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.25 16:42:08 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.20 19:22:29 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.05.20 19:22:30 | 000,000,000 | ---D | M]
     
    [2012.08.18 17:32:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions
    [2013.06.01 15:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\jnrp5q9p.default\extensions
    [2013.05.18 10:48:09 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\jnrp5q9p.default\extensions\firefox@ghostery.com
    [2012.08.18 17:38:49 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\jnrp5q9p.default\extensions\elemhidehelper@adblockplus.org.xpi
    [2013.05.25 16:14:57 | 000,534,261 | ---- | M] () (No name found) -- C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\jnrp5q9p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
    [2012.12.12 23:24:02 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\jnrp5q9p.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
    [2013.05.25 16:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
    [2013.05.25 16:42:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
     
    O1 HOSTS File: ([2013.05.06 18:30:31 | 000,000,863 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: ***
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
    O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
    O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
    O4:64bit: - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\SysNative\ico.exe (Primax Electronics Ltd.)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [ResetACGauge] C:\Program Files (x86)\Lenovo\Access Connections\smbhlpr.exe (Lenovo)
    O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
    O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
    O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
    O4 - HKLM..\Run: [MemMonG12] C:\ProgramData\Lenovo\G12\MemMonG12.exe (Lenovo)
    O4 - HKLM..\Run: [MobileAccess] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe (Lenovo)
    O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\***Pad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
    O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
    O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehavior*** = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
    O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
    O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Free YouTube Download - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
    O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///D:/launch.ocx (Launch Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD58A476-2D14-416F-ADB0-434DC232BE90}: NameServer = 139.7.30.126 139.7.30.125
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF3E438A-458F-4851-B448-8FDA3E82FDD6}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
    O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
    O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\***Vantage Fingerprint Software\psqlpwd.dll) - C:\Programme\***Vantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - Unable to obtain root file information for disk Q:\
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2013.06.02 10:29:27 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013.06.01 18:13:36 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\Scan1-010613
    [2013.06.01 17:14:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
    [2013.06.01 17:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
    [2013.06.01 16:05:01 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\Evernote
    [2013.06.01 15:24:59 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013.06.01 15:24:56 | 000,000,000 | ---D | C] -- C:\JRT
    [2013.06.01 15:16:30 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\DAEMON Tools Lite
    [2013.06.01 15:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
    [2013.06.01 12:11:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
    [2013.06.01 12:11:34 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
    [2013.06.01 12:11:34 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
    [2013.06.01 12:11:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
    [2013.06.01 12:11:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
    [2013.06.01 12:11:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
    [2013.06.01 12:11:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
    [2013.06.01 12:11:34 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
    [2013.06.01 12:11:34 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
    [2013.06.01 12:11:31 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
    [2013.06.01 12:11:30 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
    [2013.06.01 12:11:30 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
    [2013.06.01 12:11:30 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
    [2013.06.01 12:11:30 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
    [2013.06.01 12:11:29 | 002,670,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
    [2013.06.01 12:11:29 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
    [2013.06.01 12:11:29 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
    [2013.06.01 12:11:27 | 003,608,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
    [2013.06.01 12:11:27 | 000,824,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
    [2013.06.01 12:11:27 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
    [2013.06.01 12:11:27 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
    [2013.06.01 12:11:27 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
    [2013.06.01 12:11:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
    [2013.06.01 12:11:27 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
    [2013.06.01 12:11:26 | 001,251,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
    [2013.06.01 12:11:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
    [2013.06.01 12:11:25 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
    [2013.06.01 12:11:25 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
    [2013.06.01 12:11:24 | 002,886,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
    [2013.06.01 12:11:24 | 000,102,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
    [2013.06.01 12:11:23 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
    [2013.06.01 12:11:23 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
    [2013.06.01 12:11:23 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
    [2013.06.01 12:11:23 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
    [2013.06.01 12:11:23 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
    [2013.06.01 12:11:17 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
    [2013.06.01 12:11:05 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
    [2013.06.01 12:11:05 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
    [2013.06.01 12:11:05 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
    [2013.06.01 12:11:05 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
    [2013.06.01 12:11:05 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
    [2013.06.01 12:11:05 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
    [2013.06.01 12:11:04 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
    [2013.06.01 12:11:04 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
    [2013.06.01 12:11:04 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
    [2013.06.01 12:11:04 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
    [2013.06.01 12:11:03 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
    [2013.06.01 12:11:03 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
    [2013.06.01 12:11:03 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
    [2013.06.01 12:11:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
    [2013.06.01 12:11:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
    [2013.06.01 12:11:03 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
    [2013.06.01 12:11:01 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
    [2013.06.01 12:11:01 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
    [2013.06.01 11:59:38 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Synaptics
    [2013.06.01 11:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Mobile Access
    [2013.06.01 11:36:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CompanyDir
    [2013.06.01 11:33:25 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\MobileAccess
    [2013.06.01 01:01:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
    [2013.06.01 01:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
    [2013.06.01 01:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav
    [2013.06.01 01:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
    [2013.06.01 00:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MacheenService
    [2013.06.01 00:52:59 | 000,210,984 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
    [2013.06.01 00:52:59 | 000,184,144 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
    [2013.06.01 00:52:59 | 000,039,976 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
    [2013.06.01 00:52:59 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
    [2013.05.25 16:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013.05.20 19:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
    [2013.05.18 11:03:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
    [2013.05.18 11:03:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
    [2013.05.18 11:03:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
    [2013.05.18 11:03:37 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
    [2013.05.18 11:03:36 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
    [2013.05.18 11:03:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
    [2013.05.18 11:03:32 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
    [2013.05.18 11:03:32 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
    [2013.05.18 11:03:32 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
    [2013.05.18 11:03:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    [2013.05.18 11:03:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
    [2013.05.18 11:03:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    [2013.05.18 11:03:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    [2013.05.18 11:03:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    [2013.05.18 11:03:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
    [2013.05.18 11:03:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    [2013.05.18 11:03:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
    [2013.05.18 11:03:31 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
    [2013.05.18 11:03:31 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
    [2013.05.18 11:03:31 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
    [2013.05.18 11:03:31 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [2013.05.18 11:03:31 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
    [2013.05.18 11:03:31 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
    [2013.05.18 11:03:31 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
    [2013.05.18 11:03:31 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
    [2013.05.18 11:03:31 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
    [2013.05.18 11:03:31 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
    [2013.05.18 11:03:31 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
    [2013.05.18 11:03:31 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
    [2013.05.18 11:03:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
    [2013.05.18 11:03:31 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
    [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
    [2013.05.18 11:03:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
    [2013.05.18 11:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA
    [2013.05.17 07:56:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2013.05.17 07:56:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2013.05.17 07:56:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013.05.17 07:56:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2013.05.17 07:56:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2013.05.17 07:56:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013.05.17 07:56:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2013.05.17 07:56:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2013.05.17 07:56:45 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013.05.17 07:56:45 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2013.05.17 07:56:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2013.05.17 07:56:45 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013.05.17 07:56:44 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013.05.17 07:56:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013.05.17 07:56:44 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2013.05.17 07:51:11 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
    [2013.05.17 07:51:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
    [2013.05.17 07:50:44 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
    [2013.05.17 07:50:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
    [2013.05.17 07:50:43 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
    [2013.05.17 07:50:43 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
    [2013.05.17 07:50:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
    [2013.05.07 22:32:46 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
    [2013.05.05 19:25:20 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\LSC
     
    ========== Files - Modified Within 30 Days ==========
     
    [2013.06.03 13:32:02 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013.06.03 13:32:02 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013.06.03 13:31:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013.06.03 13:29:31 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013.06.03 13:29:31 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2013.06.03 13:29:31 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013.06.03 13:29:31 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2013.06.03 13:29:31 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013.06.03 13:24:31 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
    [2013.06.03 13:23:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013.06.03 13:23:45 | 4055,732,222 | -HS- | M] () -- C:\hiberfil.sys
    [2013.06.02 15:27:32 | 000,000,227 | ---- | M] () -- C:\ProgramData\LastUpdate.xml
    [2013.06.02 15:27:31 | 000,000,031 | ---- | M] () -- C:\Windows\WebUpdateSvc4.INI
    [2013.06.01 17:14:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
    [2013.06.01 01:20:37 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
    [2013.06.01 00:54:40 | 000,000,890 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    [2013.05.17 23:36:44 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013.05.17 23:36:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013.05.17 11:05:22 | 002,974,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013.05.07 22:32:36 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
    [2013.05.06 19:22:13 | 000,002,048 | ---- | M] () -- C:\Users\******\Desktop\Adobe Acrobat 7.0 Standard.lnk
    [2013.05.06 19:22:10 | 000,002,030 | ---- | M] () -- C:\Users\******\Desktop\Adobe Reader XI.lnk
    [2013.05.06 19:21:57 | 000,001,087 | ---- | M] () -- C:\Users\******\Desktop\Oracle VM VirtualBox.lnk
    [2013.05.06 18:56:51 | 000,001,254 | ---- | M] () -- C:\Users\******\Desktop\Välkomna! Vokabeltrainer.lnk
    [2013.05.05 13:39:20 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
    [1 C:\Windows\SysNative\drivers\UMDF\*.tmp files -> C:\Windows\SysNative\drivers\UMDF\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2013.06.01 12:11:25 | 000,272,629 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
    [2013.06.01 11:35:53 | 000,000,227 | ---- | C] () -- C:\ProgramData\LastUpdate.xml
    [2013.06.01 11:35:52 | 000,000,031 | ---- | C] () -- C:\Windows\WebUpdateSvc4.INI
    [2013.06.01 01:20:37 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    [2013.06.01 00:59:47 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Mobile Access.lnk
    [2013.05.12 14:56:08 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
    [2013.05.06 19:22:13 | 000,002,048 | ---- | C] () -- C:\Users\******\Desktop\Adobe Acrobat 7.0 Standard.lnk
    [2013.05.06 19:22:10 | 000,002,030 | ---- | C] () -- C:\Users\******\Desktop\Adobe Reader XI.lnk
    [2013.05.06 19:21:57 | 000,001,087 | ---- | C] () -- C:\Users\******\Desktop\Oracle VM VirtualBox.lnk
    [2013.05.06 18:56:51 | 000,001,254 | ---- | C] () -- C:\Users\******\Desktop\Välkomna! Vokabeltrainer.lnk
    [2013.02.19 20:35:12 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
    [2013.02.19 20:35:12 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
    [2013.02.19 20:34:56 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2012.09.10 21:23:21 | 001,064,960 | ---- | C] () -- C:\Windows\SysWow64\h5krnl32.dll
    [2012.09.10 21:23:21 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\h5menu32.dll
    [2012.09.10 21:23:21 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\h5rtf32.dll
    [2012.09.10 21:23:21 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\h5tool32.dll
    [2012.09.10 21:23:20 | 000,188,928 | ---- | C] () -- C:\Windows\SysWow64\h5icon32.dll
    [2012.08.19 02:47:29 | 000,035,404 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat
    [2012.08.19 01:22:03 | 000,039,095 | ---- | C] () -- C:\Windows\iccsigs.dat
    [2012.08.19 01:22:02 | 000,112,688 | ---- | C] () -- C:\Windows\SysWow64\shw32.dll
    [2012.08.18 23:14:19 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Hybrid Basic
    [2012.08.18 23:14:19 | 000,000,268 | RH-- | C] () -- C:\Users\******\AppData\Roaming\Home
    [2012.08.18 23:04:36 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Commands
    [2012.08.18 23:04:36 | 000,000,268 | RH-- | C] () -- C:\Users\******\AppData\Roaming\ColorTable
    [2012.08.18 23:04:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2012.08.18 22:54:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
    [2012.08.18 16:53:44 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
    [2012.07.19 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
    [2012.07.19 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
    [2012.07.19 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
    [2012.07.19 19:13:39 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
    [2012.07.19 19:13:38 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
    [2012.07.19 19:06:42 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
     
    ========== ZeroAccess Check ==========
     
    [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2012.08.19 03:10:41 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Acronis
    [2012.10.07 14:38:00 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Amazon
    [2013.06.01 15:17:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DAEMON Tools Lite
    [2012.08.26 23:11:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DVDVideoSoft
    [2013.02.09 13:43:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\FileZilla
    [2012.09.01 21:24:03 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\InterVideo
    [2012.08.18 17:09:36 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Leadertech
    [2013.02.09 00:00:52 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Lenovo
    [2013.05.05 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\LSC
    [2012.08.18 23:14:23 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Nikon
    [2013.05.13 11:55:08 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Nokia
    [2013.03.09 19:32:59 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Nokia Suite
    [2013.04.27 12:10:45 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Notepad++
    [2013.03.08 18:04:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\PC Suite
    [2012.08.18 17:17:27 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\PwrMgr
    [2013.05.25 16:33:09 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SAP
    [2012.09.01 20:36:43 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Shark007
    [2013.06.01 11:59:38 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Synaptics
    [2012.08.18 18:03:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Thunderbird
     
    ========== Purity Check ==========
     
     
    
    < End of report >
    Code:
    OTL Extras logfile created on: 03.06.2013 13:27:49 - Run 2
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\******\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    15,70 Gb Total Physical Memory | 13,40 Gb Available Physical Memory | 85,36% Memory free
    31,40 Gb Paging File | 28,86 Gb Available in Paging File | 91,90% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 450,62 Gb Total Space | 347,59 Gb Free Space | 77,13% Space Free | Partition Type: NTFS
    Drive Q: | 13,67 Gb Total Space | 2,89 Gb Free Space | 21,17% Space Free | Partition Type: NTFS
     
    Computer Name: ******-*** | User Name: ****** | Logged in as ***istrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- Reg Error: Key error. File not found
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{70D9EDA0-D3AB-429D-992D-02771B5007A9}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
    "{F8770F31-D6A8-4BF4-B612-338066D80871}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
    "{FC653B5C-6913-4068-92CD-A0F51F830154}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{15E922B4-E91A-44BA-975D-3835722D5CA2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
    "{17FB4784-615C-41DB-B696-C51544B7D14F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
    "{2BE9130D-85E6-4CAB-8CCE-1B55E5B644C8}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | 
    "{339CA5DA-8EBF-4938-A7B4-14F762F52468}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
    "{43A0C780-729C-458F-90B1-5B5C70990725}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
    "{5806D96A-D8E5-48ED-BA12-F2AA143B1639}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
    "{60AFEBC9-B57F-4F0F-88A3-58FC69D7485E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
    "{67C33633-FCB9-45CD-857F-9E749B704FFE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
    "{6C27B3B8-41A6-49B7-8095-0798C4924E96}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
    "{6E03812C-38A3-4091-AAD7-91A5E5DB9190}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | 
    "{719AFDEC-7119-4081-9C75-4CB802FC57AD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
    "{8370E760-07D2-4E9A-9519-EB0A2BC464F3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
    "{89140443-14C0-4544-B172-A559D6900745}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
    "{89C43CDC-9FD0-4FF6-A4D1-87118DF795C2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
    "{9ECCA97E-9A43-40C1-92F6-0A9ED2A7F925}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
    "{A4F9D9D7-64C5-44FF-8551-4CACDEB0AF79}" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
    "{AB88094F-E178-4FF2-BE48-02DEAE683DD5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
    "{AFE9FC75-C5FE-4816-BCC4-315FC14C87C4}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
    "{C75AF9C6-D712-45B4-B55A-ECB81E01A444}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
    "{F63AC2A4-AFC6-4980-B2E0-6C173BB0EDA9}" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
    "{F667E5F7-34C0-4F84-8D8E-01C3AF9B6F00}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | 
    "TCP Query User{9B4E31A8-9F98-4421-B126-8DFC3C23497C}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
    "UDP Query User{7B45B754-C975-4847-9408-B8F9CCD3A4A9}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
    "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{3849486C-FF09-4F5D-B491-3E179D58EE15}" = Message Center Plus
    "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ***Vantage System für aktiven Festplattenschutz
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
    "{5DEFFC02-063C-4781-A371-077729F869B4}" = Lenovo Solution Center
    "{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot Shield
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{728985C5-A04B-457C-9D62-15360F3EAF85}" = Intel(R) WiDi
    "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
    "{7C6CD9B4-B230-4E76-80AA-FB465FF4DE29}" = Intel(R) PROSet/Wireless WiFi Software Driver
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ***Vantage Communications Utility
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = ***Pad Bluetooth with Enhanced Data Rate Software
    "{A1D577BD-692D-4AC9-98DF-8E3C33B792E4}" = Oracle VM VirtualBox 4.1.20
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A8CAC260-092D-41DA-A38F-73AF4226B021}" = Lenovo Graphics Software
    "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
    "{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}" = Lenovo Patch Utility 64 bit
    "{B57D4097-F2FE-4222-BA02-46C6EC8B7944}" = DisplayLink Core Software
    "{BF601122-9F0A-41A9-BA06-3158D9FB4B80}" = Lenovo SimpleTap
    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
    "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DEF50764-F1A7-4DD4-B8BA-C81A4807631A}" = Intel® PROSet/Wireless WiFi Software
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F58DA859-016E-492D-A588-317D9BB28002}" = ***Vantage Fingerprint Software
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "09839A9B5EDA69DA2DCC34637B5140AAF8A53B44" = Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020)
    "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
    "72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)
    "97EE1802A0385A37DE6323FA39EC76BEB2D73E41" = Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011)
    "9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8" = Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011)
    "A4EEF8BC45A8EED2C8090601368F19B9357FC46E" = Windows-Treiberpaket - Synaptics (SynTP) Mouse  (03/01/2012 16.0.2.0)
    "CCleaner" = CCleaner
    "D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35" = Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011)
    "DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
    "E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)
    "E3535F123E7F666D573665142F90D3E5004DC326" = Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)
    "EC2A0F2B229770EC589265FCF2B4839A0C221993" = Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0)
    "EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
    "LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "MouseSuite98" = Lenovo Mouse Suite
    "OnScreenDisplay" = Anzeige am Bildschirm
    "Power Management Driver" = Lenovo Power Management Driver
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "VLC media player" = VLC media player 2.1.0-git
    "x64 Components_is1" = x64 Components v3.7.6
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
    "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
    "{0AD3DEBC-5321-457E-8B43-8F546940169B}" = Joe
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
    "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
    "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
    "{11939E00-2BEC-4AE1-B373-E8C1F3FBC7FA}" = Accent EXCEL Password Recovery
    "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
    "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
    "{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
    "{1D2FF661-4402-4D75-AA40-B23FCAF81D32}" = Lenovo Patch Utility
    "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
    "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
    "{2385C070-EC26-4AB9-8718-E605C977C0ED}" = Microsoft redistributable runtime DLLs VS2010 SP1 (x86)
    "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
    "{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update
    "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
    "{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
    "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
    "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4AC4DAE6-46E6-4211-B785-F20961E0A9D0}" = FormsForWeb® Filler 3.2.2
    "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
    "{4DD171A1-70FB-48EE-8844-98A7AA4C8DCC}" = Lenovo Mobile Access
    "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
    "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
    "{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
    "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
    "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
    "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
    "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
    "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
    "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
    "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
    "{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}" = ***Vantage GPS
    "{6dc311e6-5f94-4934-9e77-d3991d628f84}" = Nero 9
    "{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
    "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
    "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
    "{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
    "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
    "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
    "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ***Vantage Access Connections
    "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
    "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
    "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
    "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
    "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
    "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
    "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
    "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
    "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
    "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
    "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
    "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
    "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
    "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C551D9B-5D36-46A2-9414-F658D934B129}" = ***Vantage Access Connections
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
    "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
    "{A2FEAED3-17DB-4D60-867B-8FA5B7105F2C}" = Snap.Do
    "{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
    "{A4FEF04E-604F-2834-374C-D36AFA9FA113}" = Välkomna! Vokabeltrainer
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
    "{A78800AF-1779-4AE8-8EBE-16E1BE727C71}" = Integrated Camera Driver Installer Package Ver.1.2.1.18
    "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}" = Lenovo Mobile Broadband Activation
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
    "{AC76BA86-1033-F400-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard - English, Français, Deutsch
    "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
    "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
    "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
    "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
    "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
    "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
    "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
    "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
    "{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
    "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
    "{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86)
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
    "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Energie-Manager
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
    "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
    "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
    "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
    "{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
    "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
    "{EA9640BE-414E-4195-B53B-7905BF1A5A09}" = Mobile Broadband Drivers
    "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
    "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
    "{fad118b4-798f-4755-9e67-a622eec95b62}" = Intel® PROSet/Wireless Software
    "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
    "{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
    "Adobe Acrobat 7.0 Standard - EFG - V" = Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
    "AudibleDownloadManager" = Audible Download Manager
    "AudibleManager" = AudibleManager
    "Avira AntiVir Desktop" = Avira Free Antivirus
    "Capture NX 2" = Capture NX 2
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Corel Applications" = Corel Applications
    "DivX Setup" = DivX-Setup
    "Fastboot" = RapidBoot HDD Accelerator
    "Free YouTube Download_is1" = Free YouTube Download version 3.1.34.823
    "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
    "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
    "Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MVApplication1" = SureThing CD Labeler 4 SE
    "Nokia PC Suite" = Nokia PC Suite
    "Nokia Suite" = Nokia Suite
    "Notepad++" = Notepad++
    "Office14.SingleImage" = Microsoft Office Home and Student 2010
    "SAP_Engineering Client Viewer 7.0" = Engineering Client Viewer 7.0
    "SAP_WUS" = SAPSetup Automatic Workstation Update Service
    "SAPGUI710" = SAP GUI for Windows 7.30
    "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.20
    "SugarSync" = SugarSync Manager
    "WinLiveSuite" = Windows Live Essentials
    "WinZip" = WinZip
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "FileZilla Client" = FileZilla Client 3.6.0.2
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 02.06.2013 04:25:21 | Computer Name = ******-*** | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second
     
    Error - 02.06.2013 04:25:21 | Computer Name = ******-*** | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 3105
     
    Error - 02.06.2013 04:25:21 | Computer Name = ******-*** | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 3105
     
    Error - 02.06.2013 04:25:22 | Computer Name = ******-*** | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second
     
    Error - 02.06.2013 04:25:22 | Computer Name = ******-*** | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 4103
     
    Error - 02.06.2013 04:25:22 | Computer Name = ******-*** | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 4103
     
    Error - 02.06.2013 04:33:31 | Computer Name = ******-*** | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 02.06.2013 09:22:48 | Computer Name = ******-*** | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 02.06.2013 18:37:10 | Computer Name = ******-*** | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 03.06.2013 07:24:33 | Computer Name = ******-*** | Source = WinMgmt | ID = 10
    Description = 
     
    [ Lenovo-Message Center Plus/*** Events ]
    Error - 20.05.2013 06:48:52 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 22.05.2013 08:52:13 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 22.05.2013 08:52:15 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 22.05.2013 08:52:18 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 23.05.2013 02:40:39 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 23.05.2013 02:40:41 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 23.05.2013 02:40:44 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 01.06.2013 11:27:01 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 01.06.2013 11:27:03 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    Error - 01.06.2013 11:27:05 | Computer Name = ******-*** | Source = Lenovo-Message Center Plus/*** | ID = 2
    Description = Message = Der angegebene Host ist unbekannt -> Exception message: 
    Der angegebene Host ist unbekannt
     
    [ System Events ]
    Error - 02.06.2013 09:22:46 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7009
    Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
     HOSTS Anti-PUPs erreicht.
     
    Error - 02.06.2013 09:22:46 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7000
    Description = Der Dienst "HOSTS Anti-PUPs" wurde aufgrund folgenden Fehlers nicht
     gestartet:   %%1053
     
    Error - 02.06.2013 09:23:04 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       cdrom
     
    Error - 02.06.2013 10:45:00 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7011
    Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
     von Dienst LENOVO.CAMMUTE erreicht.
     
    Error - 02.06.2013 18:37:08 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7009
    Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
     HOSTS Anti-PUPs erreicht.
     
    Error - 02.06.2013 18:37:08 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7000
    Description = Der Dienst "HOSTS Anti-PUPs" wurde aufgrund folgenden Fehlers nicht
     gestartet:   %%1053
     
    Error - 02.06.2013 18:37:26 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       cdrom
     
    Error - 03.06.2013 07:24:31 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7009
    Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
     HOSTS Anti-PUPs erreicht.
     
    Error - 03.06.2013 07:24:31 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7000
    Description = Der Dienst "HOSTS Anti-PUPs" wurde aufgrund folgenden Fehlers nicht
     gestartet:   %%1053
     
    Error - 03.06.2013 07:24:49 | Computer Name = ******-*** | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       cdrom
     
     
    < End of report >
    PC läuft gut.

Seite 1 von 3 123 LetzteLetzte

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. search.babylon.com deinstallieren
    Von muki im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 06.12.2011, 21:56
  2. Panda Titanium deinstallieren?
    Von 19chrisi90 im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 21.01.2007, 11:24
  3. Panda Deinstallieren
    Von ICE666 im Forum Archiv
    Antworten: 5
    Letzter Beitrag: 03.10.2005, 15:19

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •