| walter_h | 06.04.2013 15:51 |
Lenovo 520 Notebook
So nach und nach checken wir alle Computer im Hause. Hier die Scans von OTL Code:
OTL logfile created on: 06.04.2013 16:35:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ValiN\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 65,61% Memory free
7,82 Gb Paging File | 5,74 Gb Available in Paging File | 73,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685,45 Gb Total Space | 571,17 Gb Free Space | 83,33% Space Free | Partition Type: NTFS
Drive D: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Q: | 11,72 Gb Total Space | 1,57 Gb Free Space | 13,37% Space Free | Partition Type: NTFS
Computer Name: VADMIN-THINK | User Name: Vadmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.06 16:33:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ValiN\Desktop\OTL.exe
PRC - [2013.03.29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.03.28 03:41:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.28 03:41:32 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.03.28 03:41:29 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.28 03:41:29 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.01.16 18:27:06 | 002,550,224 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2013.01.09 22:11:54 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2012.10.25 20:59:52 | 002,693,008 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.129\deploy\LoLLauncher.exe
PRC - [2012.10.25 20:58:54 | 001,300,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012.06.20 13:18:08 | 001,568,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.05.29 15:50:04 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.31 20:03:00 | 000,062,824 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
PRC - [2011.08.11 12:04:16 | 000,328,552 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.07.26 00:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2011.07.12 09:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe
PRC - [2011.07.12 09:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.06.24 08:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011.05.31 11:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011.05.31 11:48:34 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011.05.31 11:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe
PRC - [2011.05.25 15:21:32 | 000,281,960 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\AutoLock\ALCKRESI.exe
PRC - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.02.22 05:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 05:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.07 05:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2010.03.11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.05.27 23:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
PRC - [2008.01.10 13:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.29 21:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.01.16 18:26:01 | 002,212,304 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.10.25 20:59:52 | 002,693,008 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.129\deploy\LoLLauncher.exe
MOD - [2012.10.25 20:58:54 | 001,300,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2011.06.24 08:25:49 | 000,329,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll
MOD - [2011.06.24 08:25:47 | 003,649,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\pdf.dll
MOD - [2011.06.24 08:24:21 | 000,104,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\avutil-50.dll
MOD - [2011.06.24 08:24:20 | 000,203,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\avformat-52.dll
MOD - [2011.06.24 08:24:18 | 001,846,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\avcodec-52.dll
MOD - [2011.06.24 05:20:43 | 006,333,088 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\gcswf32.dll
MOD - [2011.06.24 05:20:43 | 006,333,088 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\120742~1.112\gcswf32.dll
MOD - [2010.04.06 10:05:16 | 002,085,888 | ---- | M] () -- C:\Programme\Lenovo\AutoLock\cv210.dll
MOD - [2010.04.06 10:04:06 | 002,201,088 | ---- | M] () -- C:\Programme\Lenovo\AutoLock\cxcore210.dll
MOD - [2009.05.27 23:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
========== Services (SafeList) ==========
SRV:64bit: - [2011.08.11 04:20:42 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2011.05.11 15:53:46 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.03.29 20:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010.12.17 00:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.28 03:41:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.28 03:41:32 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.03.28 03:41:29 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.13 01:52:30 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.16 18:27:06 | 002,550,224 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013.01.09 22:11:54 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.31 20:03:00 | 000,173,416 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc)
SRV - [2011.08.31 20:03:00 | 000,087,400 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2011.07.27 22:04:48 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.07.27 21:48:34 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.07.27 21:44:18 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.07.26 00:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011.07.12 09:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2011.07.12 09:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011.07.12 09:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2011.07.12 09:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011.07.08 18:53:20 | 000,144,232 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV - [2011.05.31 11:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV - [2011.05.31 11:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2011.04.28 00:41:18 | 000,968,480 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.02.22 05:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.22 05:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.07 05:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.10 13:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.28 03:41:47 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.28 03:41:47 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.28 03:41:47 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.09.28 05:12:10 | 000,023,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UHSfiltv.sys -- (UHSfiltv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.18 20:07:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.11.18 20:07:41 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.11.18 11:47:57 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.08.31 20:03:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011.08.11 04:20:42 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2011.08.09 01:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.08.03 18:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.06.21 16:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.06.21 16:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.05.25 18:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011.05.19 14:06:46 | 001,442,352 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.05.11 19:16:38 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.05.11 15:16:54 | 000,304,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.27 17:50:38 | 000,436,776 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.04.27 17:50:32 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.04.27 17:50:32 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.04.27 17:50:32 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.04.27 17:50:32 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.03.29 20:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.03.29 20:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.03.24 08:36:20 | 001,576,064 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.04 19:18:42 | 000,166,016 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2010.12.28 20:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.07 07:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011.07.08 18:53:24 | 000,032,104 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{01AAAA62-E68F-1ABA-8920-766B98002504}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{30AB421B-649D-983B-5C91-4BDD52A9FE83}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=a481e782000000000000f0def1a6fa4a
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {01AAAA62-E68F-1ABA-8920-766B98002504}
IE - HKCU\..\SearchScopes\{01AAAA62-E68F-1ABA-8920-766B98002504}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE464
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=a481e782000000000000f0def1a6fa4a
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
IE - HKCU\..\SearchScopes\{FD5B919B-DA89-4584-8779-FA9A9E20EAB9}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=3661c9a3-d3cf-4928-b4df-f6049a675ac0&apn_sauid=9D958D85-4BF2-4CE6-89CD-42E71EBCAECF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013.02.18 13:39:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013.02.08 18:30:02 | 000,037,909 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.6.8\FF [2013.02.18 13:42:09 | 000,000,000 | ---D | M]
[2013.02.18 13:39:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0AyC0F0AyE0A0EyBzztBtN0D0Tzu0CyEtCyDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1263039757&ir=
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.8_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.8_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: No name found = C:\Users\Vadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.8\PriceGongIE.dll (PriceGong)
O2 - BHO: (SearchYa Helper Object) - {25927741-5E5B-4D27-8D8B-9188FE64373F} - C:\Program Files (x86)\SearchYa!\1.8.8.0\bh\searchya.dll (Montera Technologeis LTD)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (SearchYa Toolbar) - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\Program Files (x86)\SearchYa!\1.8.8.0\searchyaTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Programme\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Programme\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [LTT] C:\Programme\PC-Doctor\EnableToolbarW32.exe (PC-Doctor, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vadmin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vadmin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D0A9268-F6E1-459A-83D1-7A6B0CCE20D7}: DhcpNameServer = 192.168.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63ACE54F-655C-4852-BCEC-3EDEAF429440}: DhcpNameServer = 192.168.1.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.16 18:49:08 | 000,000,038 | -H-- | M] () - D:\autorun.inf -- [ UDF ]
O32 - Unable to obtain root file information for disk Q:\
O33 - MountPoints2\{187e85c6-11c5-11e1-864f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{187e85c6-11c5-11e1-864f-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 23:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.28 03:42:00 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 03:42:00 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 03:42:00 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.16 22:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.16 22:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.16 22:10:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.06 16:36:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.04.06 16:32:33 | 000,000,000 | ---- | M] () -- C:\Users\Vadmin\defogger_reenable
[2013.04.06 16:29:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.06 16:28:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.04.06 15:52:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.06 14:29:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.06 13:56:20 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 13:56:20 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 13:53:29 | 001,614,100 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.06 13:53:29 | 000,697,322 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.06 13:53:29 | 000,652,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.06 13:53:29 | 000,148,328 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.06 13:53:29 | 000,121,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.06 13:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 13:48:39 | 3151,417,344 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.05 17:51:22 | 000,000,000 | ---- | M] () -- C:\END
[2013.03.28 03:41:47 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 03:41:47 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 03:41:47 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.06 16:32:33 | 000,000,000 | ---- | C] () -- C:\Users\Vadmin\defogger_reenable
[2013.02.18 13:40:36 | 000,338,815 | ---- | C] () -- C:\Users\Vadmin\AppData\Local\speeddial.crx
[2013.01.24 01:34:21 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.09.28 05:12:10 | 000,002,302 | ---- | C] () -- C:\Windows\UHScfg.ini
[2012.09.28 05:12:10 | 000,000,388 | ---- | C] () -- C:\Windows\UHSMCcfg.ini
[2012.09.28 05:12:10 | 000,000,238 | ---- | C] () -- C:\Windows\UHSConfig.ini
[2012.02.24 20:27:44 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.01.28 16:25:45 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2012.01.28 16:25:45 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011.11.18 19:54:11 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.11.18 11:35:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.18 11:32:29 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.11.18 11:31:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.11.18 11:31:27 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.11.18 11:31:27 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.11.18 11:31:27 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.11.18 11:31:26 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.11.18 11:31:26 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.11.18 11:22:48 | 001,591,930 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.12 00:57:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.02.18 13:39:10 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\Babylon
[2013.02.18 13:39:25 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\Delta
[2013.01.25 23:11:00 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\DVDVideoSoft
[2013.01.25 23:11:07 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.24 21:11:00 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\Leadertech
[2012.09.02 19:08:14 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\LolClient
[2012.02.10 15:49:28 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\Mount&Blade
[2012.01.01 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2011.12.30 16:35:13 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\PCDr
[2013.02.18 13:42:06 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\pdfforge
[2011.12.25 00:18:18 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\PwrMgr
[2013.02.18 13:40:36 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\Searchya
[2012.08.19 15:47:38 | 000,000,000 | ---D | M] -- C:\Users\Vadmin\AppData\Roaming\TP
========== Purity Check ==========
< End of report >
Und hier von der Extra.txt Code:
OTL Extras logfile created on: 06.04.2013 16:35:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ValiN\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 65,61% Memory free
7,82 Gb Paging File | 5,74 Gb Available in Paging File | 73,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685,45 Gb Total Space | 571,17 Gb Free Space | 83,33% Space Free | Partition Type: NTFS
Drive D: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Q: | 11,72 Gb Total Space | 1,57 Gb Free Space | 13,37% Space Free | Partition Type: NTFS
Computer Name: VADMIN-THINK | User Name: Vadmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1 -- ()
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1 -- ()
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1 -- ()
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1 -- ()
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032777C5-D2EF-4E52-978A-A22E69C826DF}" = lport=56364 | protocol=6 | dir=in | name=pando media booster |
"{0BC438A5-C046-4C0B-8F1B-CA717CE1277E}" = lport=58566 | protocol=6 | dir=in | name=pando media booster |
"{155BB13C-40B8-4C43-9064-A2F02138E7B6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{194B1F23-0408-4E86-98E6-C44602A1EF0C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1BB92E98-7F6E-49E0-821C-62543B7175D4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20E7A7F2-FB36-4D07-A98F-1600B1DE49F7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{212E5E2D-C9E0-439D-803A-C0A49187A796}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2681FE73-FBBE-45B0-98DA-2B99BFC6A194}" = lport=58566 | protocol=17 | dir=in | name=pando media booster |
"{2A81F56D-CEAB-466F-9523-4FF908A510DA}" = rport=139 | protocol=6 | dir=out | app=system |
"{2DBE5AA1-CD02-4C5A-9F43-6ECACBD79B3B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51A5B4CF-7FE9-43DA-8988-EC5E836A1C0E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{59988C81-4746-4757-87CE-96DF3D4F8BE2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{62F8B3E8-ECDA-492C-84D6-E1447EEC4E82}" = lport=137 | protocol=17 | dir=in | app=system |
"{6508AA5E-7368-4346-AFE9-BBF8AF5005D4}" = lport=139 | protocol=6 | dir=in | app=system |
"{69D35115-E5BA-4514-849A-547235BBAE1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7BF3B0CE-FE4F-416D-BE4D-B09F35885429}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D1546A1-920F-4758-B3A9-FC764B529892}" = lport=58566 | protocol=6 | dir=in | name=pando media booster |
"{8660B42D-D59C-435A-92E5-720E0839AB79}" = lport=58566 | protocol=17 | dir=in | name=pando media booster |
"{8BBB39D0-BE3E-4E97-AD87-452D2A5E646C}" = rport=445 | protocol=6 | dir=out | app=system |
"{8BC0AFCE-9835-454B-A3B9-9BD55AC2F721}" = rport=137 | protocol=17 | dir=out | app=system |
"{90A2704D-EE89-4B9B-B0F0-92C8C8DB0CDE}" = lport=56364 | protocol=17 | dir=in | name=pando media booster |
"{93A7A167-38F3-4E1B-A4E4-A282E1C8839E}" = lport=56364 | protocol=6 | dir=in | name=pando media booster |
"{BC295F7E-3F0A-42DC-A1C9-88873180C7A4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C1271C69-D84B-4EDF-AE17-E85DA1F532FC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C43D8CF6-D49E-405D-97CC-D1141A3D7A95}" = rport=138 | protocol=17 | dir=out | app=system |
"{C6B3C9DA-839B-4FC9-B79D-2C94E81E9851}" = lport=445 | protocol=6 | dir=in | app=system |
"{C7B2B3C5-4C41-4528-97CF-548A3BC717E2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8D9A5C2-AFF4-40CE-B06D-D5A7A38FCDA7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D67F247C-EBB7-42DE-A7CC-13AEB34C3E3A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{DD4AD901-ECC3-42CE-BA65-1B013ED6C65E}" = lport=56364 | protocol=17 | dir=in | name=pando media booster |
"{E4FB852A-BF1B-44FA-88F6-2383FF2F2F55}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E984CCF4-A248-4CEC-84E4-2627AF3B8DA8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00671AA5-7A48-440B-98DE-EA9D90816323}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{02F3E226-8F01-4CB8-AE57-BCB3491DE776}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{09F0B1C1-4CF8-4B71-8D10-ADAA5A6FDA4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0AA2DB4D-4F44-46F3-8366-7F4FD968956A}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo ii\game.exe |
"{0C113CC6-0D20-4F7C-A470-E837CEB67260}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{0E42BC78-DEC8-4721-A339-9E81AF5A50D2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{14DC17B5-AA4A-4C7D-BA92-5EA6AE5B1C5A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{168CCCF8-12C9-48EA-86A5-8A767A1D0A4F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{17F6FD00-0EEB-4A21-870B-4972403FB347}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{1F24B5E5-3CCD-44C4-B323-CBDA0B2EFDC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{26B2BCCF-B22C-41DD-92D0-619F890A98D2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{292B2B1F-6161-4378-B976-DA401E2CA26C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{299DEA91-B710-4A88-BCF0-907997A5E6E5}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2B99BA4E-4A3A-4FA3-934E-17087CCCCA64}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2D25B208-5673-4005-B9DD-D99D351C8500}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{2D7D3FF7-3C64-47BB-A8A8-73EEEEA109AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2D8A46BF-403E-4A78-8850-F4D9E7E470AD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{2E8DC5A5-41B8-48CF-8D1C-35BC30C0D1A4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{3079B4F9-390B-4643-ADE4-E1CD403B25CF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34F7F962-E870-4AFB-893E-9BEA096A6332}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{359DDC34-D017-4338-B1E5-CE719A0B1639}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{37A34571-EA5C-4D93-81A2-3CAACD82309F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |
"{3A23CA3E-75FB-44EC-9A43-5BEE8837EF45}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{3D180434-EE1A-4D34-95A9-6D39BEE1BFDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4311023C-94F8-4ECE-A206-4E1E2B5CC7F6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{44884B92-F4F9-4717-85FF-A3AE1EE74332}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{500133AD-47D5-49D0-8F8F-727B10B365A6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{5280F8A8-78EA-4A2A-9CB0-114AFAC6694E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5C2DF638-6445-44CB-BCD7-4D7C0515A19F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5D308CA3-32D9-4919-814C-90FE9FA25FE4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{5ED8E37C-84CD-4662-9905-64B05A2C1C4C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{5F506AC5-6F45-421B-935C-8EC1D05154B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5FD91A0C-C8CF-41F9-A8D0-F585F1EA1FFA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{625BA157-AD34-4AC7-9849-AD4347D13F65}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{671CC855-4658-4D68-9002-6E89471D355B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6BCC9FA3-96FD-4140-AB98-C439384C7BB9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6CF2ADC1-75AA-456B-8738-3581E482138F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{7972EA5B-72EE-4344-A203-5E6329A11BC0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{7ACEE2CF-696D-490A-A665-9FF1E23C161B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86265F72-B1C7-40BB-9E9C-0761F32A0FCC}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{867F4A27-D55F-48BA-8535-55F3BE6AEE5D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{8D27AE32-B805-4AC3-A3AF-6972ADFA4692}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"{94FBCEE6-C5C1-45A9-B05A-2F5415FE20C0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{95CED0E7-EB75-417B-A52C-A009E03A2DD4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{96A79D67-E8B0-4B8E-8A33-F4BB73E9E7F6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{97089813-E789-405C-ADD9-2DA353B80D62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{999FDA8E-D753-44CE-A4E8-1B9569316C25}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{9D34F5F6-05A1-489A-89FD-6900A265354E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9D58777F-F701-4265-8125-936A6333CAD4}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{9DB8260D-C4DD-4C00-AD1B-340A9E1312DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{A4B140F5-56DD-4D56-8779-44580DFDEDC9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4E7C023-0B56-412E-AB9A-2BFA378FC1B7}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo ii\game.exe |
"{A6812357-41AF-4009-9A19-EE23FC95D1C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B09A452A-2AA5-4C7E-8B3E-2B2D2ABDC160}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B3B5E484-E332-4513-82A7-CF4378ACB1DD}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{B40483F9-A4F9-4C34-A954-F8715D205A0C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{B7ED64C7-4F0C-4AA8-93E7-FB8C75380EBB}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"{B951DF50-19BD-4A5E-8571-5D2235F87D8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C53A7572-B432-42F8-9310-EB97C5C5723B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEBCD80A-2539-4012-88F2-93A0B936D1B7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |
"{CF8B0E66-E6D8-45E3-93F2-1E01B5EAAC54}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{D750E737-3C00-4762-A70B-9661E6B7DB18}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D920C260-96BC-4AD7-863A-278AEBBEF10B}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{D942595A-65A5-445A-8B7C-8AA6E1418428}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E2079C8E-110E-4476-9001-A361DA6D5788}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E77336F5-B481-40A3-BCD6-28F2377E8176}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{E97EDEBD-4B69-48CE-94F5-C02559BF56CE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{EB68408B-8C93-4A89-ACE0-FC771A8284B8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{F77E7D95-FA6E-49DB-BDB0-15BB695EE75F}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{F7904D1E-6E00-4661-B07B-3AFED77E5B5E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FFB665F7-3846-4926-9637-F1394F86274C}" = protocol=6 | dir=out | app=system |
"TCP Query User{4A78F75D-3331-4013-A8D6-B61FB12ABD3F}C:\program files (x86)\steam\steamapps\stop800\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\stop800\team fortress 2\hl2.exe |
"TCP Query User{5C674D26-94C8-45D0-B4D3-4E03CF9E4D71}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{85CF3F0D-0FCF-4DC0-99FF-9111BF1B98A2}C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{980D37EC-7F18-4A62-AF0A-47F99C596F43}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{9949A6C7-056F-4CE3-B3EC-2E0A517E20D4}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{9CBF1B09-6310-4A07-97DA-9A117330DD1F}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"TCP Query User{B64619D7-59BB-462E-B7C0-0228059F078E}C:\program files (x86)\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo ii\game.exe |
"TCP Query User{BF92329E-6280-4D1A-805B-62FA9C2DC3A8}C:\programdata\battle.net\agent\agent.1637\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"TCP Query User{C4606878-4AF4-440E-8F67-DDE3D2D210C4}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{D4E470C5-083F-406A-9F32-2D9D2CED82EC}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{E298CC7A-FC3F-4B5D-8DEB-0E343695D6E8}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{FA6B0F60-AB58-423B-B6C9-68664E937982}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"UDP Query User{320384AD-079A-424C-9E70-419F2112F997}C:\program files (x86)\steam\steamapps\stop800\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\stop800\team fortress 2\hl2.exe |
"UDP Query User{53A4A9A7-8188-42E7-B420-AE063F30C1FB}C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{568E19BF-8B11-498E-A6CC-5B62D14C9641}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"UDP Query User{5BC07BFD-87C4-4270-933C-C7CF6C52696E}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{5D9547B9-1948-4B8C-B484-B0169A540499}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{6DF8A7CF-FFC1-4A2F-9DB6-293FB42885A9}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{90B73F0E-00E4-4619-AAF3-202E877ABF81}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{AF526B00-5C87-41CD-8608-64DE43C81AFC}C:\program files (x86)\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo ii\game.exe |
"UDP Query User{ECAA0C1A-E390-4A32-B129-4C925EBBFD5C}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{F48FBC66-C8A5-4562-B5AC-068D3A7A5EA9}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{F82225C9-95DE-44F0-AB44-5055F16602EF}C:\programdata\battle.net\agent\agent.1637\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"UDP Query User{FF4F94ED-D9DC-4278-B9C0-2BF237A0E5AB}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{31A767DA-2BA4-F9EF-1747-4AED98BD4212}" = ccc-utility64
"{39969C3E-B297-41E5-9A7B-E252B504B21B}" = Lenovo SimpleTap
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBDB286E-D477-3C75-7F95-CAE737409050}" = ATI Catalyst Install Manager
"01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B" = Windows-Treiberpaket - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00)
"73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12" = Windows-Treiberpaket - Intel (iaStor) hdc (11/06/2010 10.1.0.1008)
"828B05D2B647CDAEA22493F7BFB96847265EE596" = Windows-Treiberpaket - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010)
"ATI Uninstaller" = ATI Uninstaller
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR 4.10 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{068002C1-0010-57BA-209D-D9B6E0DA62A5}" = Catalyst Control Center Graphics Previews Common
"{09415C3E-4DF1-EE91-8641-DBD2E6EB9F87}" = PX Profile Update
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C7DC0B9-C6A8-9666-8A99-FEF45CD1E2CF}" = CCC Help Portuguese
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{177586E7-E42E-4F38-83D1-D15B4AF5B714}" = Delta Chrome Toolbar
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B38D00E-A7FE-69AB-405E-A2FB92473C8D}" = CCC Help Spanish
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{2A38A248-77EE-1425-D96F-AA4DDDD042D3}" = CCC Help German
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2DBC8055-BAA2-65E8-3942-E2843FE5B926}" = Catalyst Control Center InstallProxy
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877A7B2-CDA8-B5E9-00A4-E94A7CD6D472}" = CCC Help Finnish
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3F752762-9BB6-34C9-005A-D265B0713971}" = Catalyst Control Center Profiles Mobile
"{46473AAA-ECD6-340B-2A41-BBEAD7CE1239}" = CCC Help Norwegian
"{4987CBF1-634F-89D9-8D29-D703EA07E4C7}" = CCC Help Greek
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F038D88-0311-29AF-D825-D3F2D38FAF18}" = Catalyst Control Center
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{6090C051-D5A9-7327-9494-A04316488C6C}" = CCC Help Japanese
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E7CC067-77C3-B53A-EFFC-70A58BF90E5D}" = CCC Help Hungarian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{7CC6E579-7042-F797-C812-DD14688CB3BA}" = CCC Help Dutch
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A833C64A-8367-4683-91FB-E574143A1726}" = Catalyst Control Center - Branding
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = The Lord of the Rings, The Rise of the Witch-king
"{B939E0E7-D4CC-01B5-A8AF-E8F16A558D3F}" = CCC Help Chinese Standard
"{BC4A2B6E-DA5E-2802-F161-C5DD27C5138A}" = CCC Help Turkish
"{BD42856F-A3A8-89E8-B307-A6AB5393EF53}" = CCC Help Polish
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C1B0A2C0-C50B-588B-392D-175E21FAA21C}" = CCC Help French
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2B9E4FE-F6BF-B8EA-947B-912557E9E959}" = CCC Help Thai
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5EB9B5A-2964-D5A3-869A-520448200FC3}" = PowerXpressHybrid
"{C9969938-E6DA-E5AE-B662-1D886596541F}" = CCC Help Russian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F3441B-AAF2-C216-761E-1609CFEF1793}" = CCC Help Danish
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1C82F2E-DFAF-444A-80B3-DE7364A0F01A}" = CCC Help Korean
"{E1E09216-785C-F097-B6F9-DE1F2614EA52}" = CCC Help Italian
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E9E25C9F-92C3-46FC-AB0B-55BE59AD271B}" = CCC Help Swedish
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F1495258-1B5E-7380-3242-17942AFCEAF0}" = CCC Help Czech
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F2672232-FF17-4DC9-8F24-A1E1829FE086}" = BisonCam Twain Pro
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F7BEC30A-3918-2617-00F9-4D36B9CC42B8}" = CCC Help English
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9AB8BD0-282F-0DFB-14B7-21BC98C8518A}" = Catalyst Control Center Localization All
"{FB99AD73-DFD2-7543-3753-078BEC5EE08F}" = CCC Help Chinese Traditional
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Blue Byte Game Channel" = Blue Byte Game Channel
"delta" = Delta toolbar
"Diablo II" = Diablo II
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Google Chrome" = Google Chrome
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Lenovo Welcome_is1" = Lenovo Welcome
"Mount&Blade" = Mount&Blade
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenAL" = OpenAL
"PriceGong" = PriceGong 2.6.8
"ProInst" = Intel PROSet Wireless
"Revo Uninstaller" = Revo Uninstaller 1.94
"searchya" = SearchYa!
"StarCraft II" = StarCraft II
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"Wajam" = Wajam
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.11.2012 20:42:21 | Computer Name = Vadmin-THINK | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 18.11.2012 02:26:24 | Computer Name = Vadmin-THINK | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2012 02:28:19 | Computer Name = Vadmin-THINK | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version:
6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: unknown, Version:
0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000000000
ID
des fehlerhaften Prozesses: 0x404 Startzeit der fehlerhaften Anwendung: 0x01cdc5558e90e25b
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: 24745f4c-3149-11e2-aee4-f0def1a6fa4a
Error - 18.11.2012 02:28:29 | Computer Name = Vadmin-THINK | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2012 12:53:08 | Computer Name = Vadmin-THINK | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 18.11.2012 12:53:08 | Computer Name = Vadmin-THINK | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 18.11.2012 16:04:10 | Computer Name = Vadmin-THINK | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2012 16:54:49 | Computer Name = Vadmin-THINK | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 19.11.2012 07:46:27 | Computer Name = Vadmin-THINK | Source = WinMgmt | ID = 10
Description =
Error - 19.11.2012 08:56:36 | Computer Name = Vadmin-THINK | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
[ Lenovo-Lenovo Patch Utility/Admin Events ]
Error - 29.07.2012 08:48:00 | Computer Name = Vadmin-THINK | Source = Lenovo Patch Utility | ID = 2
Description = Can not grant access to Everyone: Manche oder alle Identitätsverweise
konnten nicht übersetzt werden.
Error - 29.07.2012 08:48:03 | Computer Name = Vadmin-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: Der Remoteserver hat einen Fehler zurückgegeben: (404) Nicht gefunden.
[ System Events ]
Error - 02.04.2013 12:40:05 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 02.04.2013 19:44:10 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 02.04.2013 19:44:34 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 04.04.2013 20:35:25 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 04.04.2013 20:35:27 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 05.04.2013 05:43:33 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 05.04.2013 06:20:35 | Computer Name = Vadmin-THINK | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Spooler erreicht.
Error - 05.04.2013 08:56:11 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 05.04.2013 12:30:05 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
Error - 05.04.2013 20:26:05 | Computer Name = Vadmin-THINK | Source = DCOM | ID = 10010
Description =
< End of report >
Was muss/sollte ich jetzt als nächstes tun? |
