![]() |
|
Log-Analyse und Auswertung: Windows 7: booten dauert sehr lange, Firefox öffnet Werbung/FensterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
| ![]() Windows 7: booten dauert sehr lange, Firefox öffnet Werbung/Fenster Guten Abend, seit einigen Monaten habe ich schon das Gefühl, dass es sehr lange dauert, bis der Systemstart mit Windows7 auf meinem Laptop abgeschlossen ist. Seit Mitte August kam das Problem hinzu, dass Firefox ständig neue Fenster und Werbung öffnet, so dass ich einen Virus vermutete. Leider kenne ich mich nicht gut mit Computern aus. Zuerst habe ich mit RegCleanPro versucht die Bootzeit zu verkürzen, was nicht geklappt hat, weshalb ich das Programm wieder deinstalliert habe. Dann habe ich Antivir installiert und dann auch die empfohlene Bereinigung durchgeführt. Code:
ATTFilter Exportierte Ereignisse: 24.08.2014 18:35 [System-Scanner] Malware gefunden Die Datei 'C:\Users\***\Documents\Exe_Dateien\AudioConverterSetup.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7' [adware]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51d7b9a1.qua' verschoben! 15.08.2014 19:05 [System-Scanner] Malware gefunden Die Datei 'C:\AdwCleaner\Quarantine\C\Program Files (x86)\Whilokii\WhilokiiBHO.dll.vir' enthielt einen Virus oder unerwünschtes Programm 'APPL/BrowseFox.Gen2' [program]. Durchgeführte Aktion(en): Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004. Die Quelldatei konnte nicht gefunden werden. Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen. Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! Die Datei existiert nicht! 15.08.2014 18:36 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RXAX51P\GenesisInstaller[1].exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/NaviPromo.67395' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 17:42 [System-Scanner] Malware gefunden Die Datei 'C:\AdwCleaner\Quarantine\C\Program Files (x86)\Whilokii\WhilokiiBHO.dll.vir' enthielt einen Virus oder unerwünschtes Programm 'APPL/BrowseFox.Gen2' [program]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5134b8bc.qua' verschoben! 15.08.2014 16:59 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\AdwCleaner\Quarantine\C\Program Files (x86)\Whilokii\WhilokiiBHO.dll.vir' wurde ein Virus oder unerwünschtes Programm 'APPL/BrowseFox.Gen2' [program] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 16:31 [System-Scanner] Malware gefunden Die Datei 'C:\Users\***\Downloads\flplayer_setup.exe' enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallCore.AU.23' [adware]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '49e7a66d.qua' verschoben! 15.08.2014 16:31 [System-Scanner] Malware gefunden Die Datei 'C:\Users\***\Downloads\downloadmanagersetup.exe' enthielt einen Virus oder unerwünschtes Programm 'APPL/Downloader.Gen6' [program]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '514b89c8.qua' verschoben! 15.08.2014 16:26 [System-Scanner] Malware gefunden Die Datei 'C:\Users\***\AppData\Local\Temp\4B0Ctmp\genesisinstaller.exe' enthielt einen Virus oder unerwünschtes Programm 'Adware/NaviPromo.67395' [adware]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '513f8b8e.qua' verschoben! 15.08.2014 16:26 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\***\Downloads\flplayer_setup.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.AU.23' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 16:24 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\***\Downloads\downloadmanagersetup.exe' wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen6' [program] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 16:22 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\***\AppData\Local\Temp\4B0Ctmp\genesisinstaller.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/NaviPromo.67395' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 16:11 [System-Scanner] Malware gefunden Die Datei 'C:\Users\***\Documents\Downloads\setup.exe' enthielt einen Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '516a8598.qua' verschoben! 15.08.2014 16:07 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\***\Documents\Downloads\setup.exe' wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 15:58 [System-Scanner] Malware gefunden Die Datei 'C:\Users\***\Documents\Dorothee-----------------------------------------\ Bewerbungen\Setup.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '511b8636.qua' verschoben! 15.08.2014 15:55 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\***\Documents\Dorothee-----------------------------------------\ Bewerbungen\Setup.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.08.2014 15:32 [System-Scanner] Malware gefunden Die Datei 'C:\Program Files\005\hzunyanhtn64.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware]. Durchgeführte Aktion(en): Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004. Die Quelldatei konnte nicht gefunden werden. Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen. Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! Die Datei existiert nicht! Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 15.08.2014 Suchlauf-Zeit: 16:01:30 Logdatei: maleware.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.15.06 Rootkit Datenbank: v2014.08.04.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: *** Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 321353 Verstrichene Zeit: 43 Min, 0 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 9 PUP.Optional.WinGuard.A, HKU\S-1-5-21-1769507490-4185185962-1217567553-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [f2f006c02e4d7bbb1c6c9dcd3dc53cc4], PUP.Optional.WinGuard.A, HKU\S-1-5-21-1769507490-4185185962-1217567553-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [f2f006c02e4d7bbb1c6c9dcd3dc53cc4], PUP.Optional.Adpeak.A, HKLM\SOFTWARE\AllDay Savings, In Quarantäne, [6e74ab1b90eb80b6385d2db5be44857b], PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [5a8813b34b305dd9ba28d10c1ee4eb15], PUP.Optional.Adpeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AllDaySavingsService64, In Quarantäne, [21c1953196e581b518ea0cd714eeb24e], PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, Löschen bei Neustart, [e7fba125dba053e3209a2fb1c33fff01], PUP.Optional.1ClickMovieDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ClickMovie1-Downloaderv10, Löschen bei Neustart, [885abd09ee8d191df15e5f84ad55639d], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], Registrierungswerte: 1 PUP.Optional.FastStart.A, HKU\S-1-5-21-1769507490-4185185962-1217567553-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [cf1326a0087359dde0c346a107fb28d8] Registrierungsdaten: 0 (No malicious items detected) Ordner: 4 PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam, In Quarantäne, [da083e8819620e28c7897756c63c26da], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings, In Quarantäne, [c91924a2e5963afc55e333a0b250867a], PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\SSL, In Quarantäne, [c91924a2e5963afc55e333a0b250867a], Dateien: 32 PUP.Optional.Bundlore, C:\Users\***\Documents\Downloads\setup.exe, In Quarantäne, [5f83eed84635c076b3fe1e7ae71db848], PUP.Optional.SearchProtect.A, C:\Users\***\AppData\Local\Temp\nsn550.tmp, In Quarantäne, [c71b7551d5a64aecebbb6136e51cc739], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nst2863.exe, In Quarantäne, [7b671fa7de9da88ea4db9cf1818042be], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nstED01.exe, In Quarantäne, [4a988d395922e55186f9f79640c14db3], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsy1F68.exe, In Quarantäne, [d40ec5014e2d2016b3cca4e9f30e669a], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsz8D2.exe, In Quarantäne, [8d556462bbc00432681764299e63c838], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\SearchProtectINT.exe, In Quarantäne, [f3ef9333e3986bcb8f3d2ef956ab50b0], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsb3C0B.exe, In Quarantäne, [f1f18d39d1aa49edd5aab7d6dd242ed2], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsj524.exe, In Quarantäne, [d1112b9b700b54e2a7d8fc91976aa858], PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsjD40B.exe, In Quarantäne, [b62c23a34b30d363e59aace17e83bb45], PUP.Optional.Installcore, C:\Users\***\AppData\Local\Temp\is-VU2BP.tmp\IMNS.exe, In Quarantäne, [4f93fdc989f2de58ea3507a7976aad53], PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Temp\6032tmp\setup.exe, In Quarantäne, [ecf65c6a225967cf31f6c7899a6652ae], PUP.Optional.VIT, C:\Users\***\Downloads\installer_anubis_typhoon_6-in-1_card_reader_1_0_Deutsch.exe, In Quarantäne, [27bbd4f29fdc122424d5809f05fce818], PUP.Optional.Softonic.A, C:\Users\***\Downloads\SoftonicDownloader_fuer_gpl-ghostscript.exe, In Quarantäne, [b230ba0c5a2187af450d72b9b74af30d], PUP.Optional.AllDaySavings.A, C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\me67nmf2.default\extensions\j005-bwqhdvbmcimdkh@jetpack.xpi, In Quarantäne, [1fc3d3f3710a81b5a2d15b82d82a34cc], PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, In Quarantäne, [558d5d690a7194a2d047815e1de5c13f], PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage, In Quarantäne, [c919fbcb36455adc60b6142d659fba46], PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000003.log, In Quarantäne, [da083e8819620e28c7897756c63c26da], PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\CURRENT, In Quarantäne, [da083e8819620e28c7897756c63c26da], PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOCK, In Quarantäne, [da083e8819620e28c7897756c63c26da], PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOG, In Quarantäne, [da083e8819620e28c7897756c63c26da], PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\MANIFEST-000002, In Quarantäne, [da083e8819620e28c7897756c63c26da], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleCrashHandler.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdate.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdateBroker.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdateHelper.msi, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdateOnDemand.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\goopdate.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\goopdateres_en.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\npGoogleUpdate4.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\psmachine.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\psuser.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0], Physische Sektoren: 0 (No malicious items detected) (end) Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 20:41 on 24/08/2014 (***) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03 Ran by *** at 2014-08-24 18:05:14 Running from C:\Users\***\Documents\Dorothee-----------------------------------------\Bewerbungen Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG) Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.0.0.19 - Absolute Software) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated) Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - ) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland) Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG) Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira) Bibliographix 8 (HKLM-x32\...\Bibliographix 8_is1) (Version: - Bibliographix GbR) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.48.0 - Conexant) Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.334 - Corel Inc.) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Digital Media Converter 4.0 (HKLM-x32\...\Digital Media Converter 4.0_is1) (Version: - Deskshare Inc.) Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden DisplayLink Core Software (HKLM\...\{B57D4097-F2FE-4222-BA02-46C6EC8B7944}) (Version: 6.1.35392.0 - DisplayLink Corp.) Dolet Light for Finale (HKLM-x32\...\{457B00DC-314C-48E8-870E-BE04B2DCC1E9}) (Version: 1.0.1 - Recordare LLC) Duden-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.1.0 - Bibliographisches Institut AG) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.16 - ) f4 3.1.0 (HKLM-x32\...\f4) (Version: 3.1.0 - MAXqda) ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - ) Finale PrintMusic 2009 (HKLM-x32\...\Finale PrintMusic 2009) (Version: 14.0.5.1 - MakeMusic) Fingerprint Reader (HKLM\...\{7DD99174-299B-4450-A179-7F27F4C2D042}) (Version: 6.0.200.105 - AuthenTec, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.02) (Version: 9.02 - Artifex Software Inc.) GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd) IBM SPSS Statistics 19 (HKLM-x32\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0 - SPSS Inc., an IBM Company) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson) Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2639 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation) Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Graphics Software (HKLM\...\{A8CAC260-092D-41DA-A38F-73AF4226B021}) (Version: 6.1.35401.0 - Lenovo) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited) Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited) Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.1.27.5565 - Intel(R) Corporation) Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{5B5DEF99-85E9-423D-A1A3-B83202697B09}) (Version: 1.0.0006.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0012.00 - Lenovo Group Limited) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MAXQDA 10 (R140612) (HKLM-x32\...\MAXQDA10) (Version: (R140612) - VERBI Software.Consult.Sozialforschung GmbH) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Message Center Plus (HKLM-x32\...\{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}) (Version: 3.0.0012.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Software Update for Web Folders (German) 12 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla) MPC-HC 1.6.6.6957 (3975d54) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.6.6957 - MPC-HC Team) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23) No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - ) OneKey Recovery Pro (HKLM-x32\...\{FF162784-CFFE-4193-AE24-7FC476812ABE}) (Version: 4.50.0009.00 - Lenovo Group Limited) OpenVPN 2.2.1 (HKLM-x32\...\OpenVPN) (Version: 2.2.1 - ) PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge) RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.20 - Lenovo) RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo) RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Renee Undeleter 2013.4.27.0 (HKLM-x32\...\{BECFEA3A-6E81-436B-9D2B-6B01185004A5}}_is1) (Version: 2013.4.27.0 - Rene.e Laboratory) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer) TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.7.0 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.11 - VeriSign) WD SmartWare (HKLM\...\{9798BB87-01B9-4D46-8EA0-6681E72BDE87}) (Version: 1.6.5.2 - Western Digital Technologies, Inc.) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation) Windows-Treiberpaket - Intel (iaStor) hdc (11/29/2011 11.0.0.1032) (HKLM\...\64A62163FE43328D13305746CB8BCC93F2DF6545) (Version: 11/29/2011 11.0.0.1032 - Intel) Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/02/2012 16.0.5.2) (HKLM\...\76052A6680822C2132A1EB4E64568F3C9591560E) (Version: 04/02/2012 16.0.5.2 - Synaptics) WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{6F731616-D7E1-4D78-9403-69B51A759ADE}) (Version: 21.00.8480 - Buhl Data Service GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 08-08-2014 10:54:28 Installed Lenovo Power Management Driver 08-08-2014 20:12:22 Windows Update 12-08-2014 19:02:50 Windows Update 12-08-2014 19:38:14 Reimage Express Restore Point 12-08-2014 20:39:54 RegClean Pro Di, Aug 12, 14 22:39 12-08-2014 21:43:14 RegClean Pro Di, Aug 12, 14 23:43 13-08-2014 05:13:48 Removed DriverUpdate 13-08-2014 21:17:00 Windows Update 15-08-2014 16:43:48 Removed Evernote v. 4.2.3 15-08-2014 16:45:09 Removed iCloud 15-08-2014 16:49:14 Entfernt WISO Steuer-Sparbuch 2013 24-08-2014 13:50:15 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0D7059C4-B200-44FA-A032-44B1C7F20418} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {176A3A7D-D0C6-4C0B-81CF-7A71EF9324A3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {18E0E76F-8724-475C-A9AF-DBA3E2C9365C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo) Task: {1C19FDFC-19D0-402E-885D-51DC75794E45} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] () Task: {2DCEF08B-61D0-48DB-859B-F0FE2FF16BA2} - System32\Tasks\{965A1954-A289-4E15-9215-6CD9AFF21493} => C:\Users\***2\Downloads\lide25vst6411011ade\SetupSG.exe Task: {347AA3DC-1B1F-4CB9-A96F-6B407E1212B3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {34DD60FE-EDF9-4008-A919-4A1A89966389} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1769507490-4185185962-1217567553-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {3AE38F53-319A-411A-A220-16BB702E7F2D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo) Task: {3B929BFA-7E6C-49E2-B5AE-5E31F0EF7760} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control Task: {40A60D0F-8A98-4E24-83BB-AF7760D39E47} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft) Task: {475A81FB-767C-40A7-94BE-D0168D44F970} - System32\Tasks\{963B18C7-1B59-4A88-86DF-0C5AAF723435} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation) Task: {4B8CC5B7-EA71-48CE-BB79-309B149BED8F} - System32\Tasks\{0B7D39C8-83C8-4665-B34B-0197A9037478} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation) Task: {51A25DAB-E129-42F9-BE52-DA5EE6E1F2F6} - System32\Tasks\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] () Task: {5439A35B-CF42-496C-8CE0-922E961DDDFC} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for ***-THINK.*** => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {5DD7DE8D-803B-481D-B66C-AC20FC320100} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe Task: {5F78C279-8EAF-4984-8F6A-94B7C1E24A1C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] () Task: {673716AF-9080-43E7-97CC-566A197B32DC} - System32\Tasks\{1DCA7436-095B-4122-8B37-CF9D15B7F46B} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation) Task: {825D96CE-FCE1-4416-B489-68C550F5B7CF} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe Task: {926F9A79-8D55-4640-B2AA-2477A2B363B8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {966132C5-DBDF-468F-BC4F-BE93F86A2859} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {A58265A5-5E75-45B8-85A6-D14EF2F33571} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {AB9C7099-8A17-4DD0-B47D-92C87E1D0C83} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo) Task: {AE611976-EAD3-4231-8228-D6B86C1D46EB} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] () Task: {AFC94A9C-41A4-4590-B648-8DDED60F46D2} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-02-24] (Lenovo) Task: {B12F84ED-FDAD-4EE3-8724-527322F0EF63} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo) Task: {B3872FCE-49CB-484E-A922-EF0EA867C237} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {B701B5BA-D79D-4CCC-9EAA-6429064B3A5F} - System32\Tasks\DriverUpdate Daily Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe Task: {B791AEB0-C55E-4756-9F20-F95C4A97CE4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.) Task: {C0E4A61A-3DF7-451F-B451-E4B59A70252D} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {C0F82AAA-F72A-4E2E-8E91-FD2C820A43CC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation) Task: {C1302C62-1611-448F-BEAE-AE3C3A8DDFEA} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe Task: {C6E6E59F-10FC-464C-9D03-21341528842E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.) Task: {E8F25F16-95BC-450F-ADB2-B1774AC16FDF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1769507490-4185185962-1217567553-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {EBFEE693-47C1-4B37-8FC8-43CD13EC9B03} - System32\Tasks\{FD161BF0-105E-4EDD-B4F9-D24D4CF07C08} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation) Task: {EEA004DC-FF76-4CD5-A2CB-4D47C1CCD4AA} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe Task: {F35E6234-3A18-4413-96AC-7ED4D1EFF2A6} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-04-11] (Lenovo Group Limited) Task: {FFD93581-FBE5-40F4-B8F5-C400FF00C3D2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverUpdate Daily Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-24 14:21 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\ZLhp1020.DLL 2013-09-24 14:21 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll 2012-06-18 14:45 - 2012-03-07 00:49 - 00128280 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2013-08-07 03:03 - 2013-08-07 03:03 - 01130792 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll 2013-08-07 03:04 - 2013-08-07 03:04 - 00087848 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll 2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-06-18 14:55 - 2012-04-11 23:16 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2012-06-18 14:46 - 2012-02-01 21:34 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll 2013-06-06 21:40 - 2010-10-26 12:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2014-08-15 13:24 - 2014-08-24 18:00 - 00050477 _____ () C:\Users\***\Documents\Dorothee-----------------------------------------\Bewerbungen\Defogger.exe 2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-06-18 15:02 - 2012-01-17 08:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll 2012-06-18 14:56 - 2011-08-02 04:58 - 02201088 ____N () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2012-06-18 14:56 - 2011-08-02 04:58 - 02085888 ____N () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2013-04-16 17:52 - 2012-04-09 00:40 - 03470848 ____N () C:\Program Files (x86)\ffdshow\ffdshow.ax 2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2014-07-14 16:49 - 2014-07-14 16:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-07-14 16:49 - 2014-07-14 16:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 ____N () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-08-08 13:21 - 2014-08-08 13:21 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2011-06-30 10:41 - 2011-06-30 10:41 - 72522112 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\MSORES.DLL 2014-08-15 15:26 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\***\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2012-06-18 14:44 - 2012-03-07 00:27 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-07-08 23:41 - 2014-07-08 23:41 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll 2012-06-18 14:55 - 2012-04-11 23:16 - 00112640 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMROV.DLL ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: PDF Architect Helper Service => 2 MSCONFIG\Services: PDF Architect Service => 2 MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3 MSCONFIG\Services: TeamViewer8 => 2 MSCONFIG\Services: VIPAppService => 2 MSCONFIG\Services: WDBackup => 2 MSCONFIG\Services: WDDriveService => 2 MSCONFIG\Services: WDRulesService => 2 MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\Windows\pss\Persbackup.lnk.Startup MSCONFIG\startupreg: 1&1_1&1 Upload-Manager => "C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE" /hide MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/24/2014 03:55:20 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (08/24/2014 03:44:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7098 Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7098 Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 20482 Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 20482 Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10077 Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10077 System errors: ============= Error: (08/24/2014 03:38:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Error: (08/24/2014 03:38:06 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (08/16/2014 06:26:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error: (08/16/2014 06:26:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TPHKSVC erreicht. Error: (08/16/2014 04:47:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet. Error: (08/15/2014 10:29:43 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {7D1ADD0A-5D7B-481E-8351-4C048AD401BE} Error: (08/15/2014 04:52:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/15/2014 04:51:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (08/15/2014 04:51:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (08/15/2014 04:51:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AcSvc" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (08/24/2014 03:55:20 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (08/24/2014 03:44:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7098 Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7098 Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 20482 Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 20482 Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10077 Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10077 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 77% Total physical RAM: 3685.47 MB Available physical RAM: 818.67 MB Total Pagefile: 7369.12 MB Available Pagefile: 3569.15 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:446.72 GB) (Free:321.26 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:17.58 GB) (Free:4.29 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 8A4FD910) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=446.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=17.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-24 19:15:38 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.MC10 465,76GB Running: Gmer-19357.exe; Driver: C:\Users\***~1\AppData\Local\Temp\awxcruow.sys ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Threads - GMER 2.1 ---- Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8116:8004] 000007fefc882bf8 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8116:6420] 000007fee16e4830 ---- EOF - GMER 2.1 ---- Herzlichen Dank schon einmal im Voraus!! Theed Geändert von Theed (24.08.2014 um 19:52 Uhr) Grund: Entfernung Nachname |