Windows 7: booten dauert sehr lange, Firefox öffnet Werbung/Fenster Guten Abend,
seit einigen Monaten habe ich schon das Gefühl, dass es sehr lange dauert, bis der Systemstart mit Windows7 auf meinem Laptop abgeschlossen ist. Seit Mitte August kam das Problem hinzu, dass Firefox ständig neue Fenster und Werbung öffnet, so dass ich einen Virus vermutete.
Leider kenne ich mich nicht gut mit Computern aus. Zuerst habe ich mit RegCleanPro versucht die Bootzeit zu verkürzen, was nicht geklappt hat, weshalb ich das Programm wieder deinstalliert habe.
Dann habe ich Antivir installiert und dann auch die empfohlene Bereinigung durchgeführt. Code:
Exportierte Ereignisse:
24.08.2014 18:35 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\***\Documents\Exe_Dateien\AudioConverterSetup.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51d7b9a1.qua'
verschoben!
15.08.2014 19:05 [System-Scanner] Malware gefunden
Die Datei 'C:\AdwCleaner\Quarantine\C\Program Files
(x86)\Whilokii\WhilokiiBHO.dll.vir'
enthielt einen Virus oder unerwünschtes Programm 'APPL/BrowseFox.Gen2'
[program].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Die Datei existiert nicht!
15.08.2014 18:36 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Users\***\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\2RXAX51P\GenesisInstaller[1].exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/NaviPromo.67395' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 17:42 [System-Scanner] Malware gefunden
Die Datei 'C:\AdwCleaner\Quarantine\C\Program Files
(x86)\Whilokii\WhilokiiBHO.dll.vir'
enthielt einen Virus oder unerwünschtes Programm 'APPL/BrowseFox.Gen2'
[program].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5134b8bc.qua'
verschoben!
15.08.2014 16:59 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\AdwCleaner\Quarantine\C\Program Files
(x86)\Whilokii\WhilokiiBHO.dll.vir'
wurde ein Virus oder unerwünschtes Programm 'APPL/BrowseFox.Gen2' [program]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 16:31 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\***\Downloads\flplayer_setup.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallCore.AU.23'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '49e7a66d.qua'
verschoben!
15.08.2014 16:31 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\***\Downloads\downloadmanagersetup.exe'
enthielt einen Virus oder unerwünschtes Programm 'APPL/Downloader.Gen6'
[program].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '514b89c8.qua'
verschoben!
15.08.2014 16:26 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\***\AppData\Local\Temp\4B0Ctmp\genesisinstaller.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/NaviPromo.67395'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '513f8b8e.qua'
verschoben!
15.08.2014 16:26 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Users\***\Downloads\flplayer_setup.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.AU.23' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 16:24 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Users\***\Downloads\downloadmanagersetup.exe'
wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen6' [program]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 16:22 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\***\AppData\Local\Temp\4B0Ctmp\genesisinstaller.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/NaviPromo.67395' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 16:11 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\***\Documents\Downloads\setup.exe'
enthielt einen Virus oder unerwünschtes Programm 'APPL/Downloader.Gen'
[program].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '516a8598.qua'
verschoben!
15.08.2014 16:07 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Users\***\Documents\Downloads\setup.exe'
wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 15:58 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\***\Documents\Dorothee-----------------------------------------\
Bewerbungen\Setup.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '511b8636.qua'
verschoben!
15.08.2014 15:55 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\***\Documents\Dorothee-----------------------------------------\
Bewerbungen\Setup.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
15.08.2014 15:32 [System-Scanner] Malware gefunden
Die Datei 'C:\Program Files\005\hzunyanhtn64.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Die Datei existiert nicht! Danach habe ich Maleware installiert und auch hier einen Scan durchgeführt und die Bereinigung durchgeführt. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 15.08.2014
Suchlauf-Zeit: 16:01:30
Logdatei: maleware.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.15.06
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ***
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 321353
Verstrichene Zeit: 43 Min, 0 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 9
PUP.Optional.WinGuard.A, HKU\S-1-5-21-1769507490-4185185962-1217567553-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [f2f006c02e4d7bbb1c6c9dcd3dc53cc4],
PUP.Optional.WinGuard.A, HKU\S-1-5-21-1769507490-4185185962-1217567553-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [f2f006c02e4d7bbb1c6c9dcd3dc53cc4],
PUP.Optional.Adpeak.A, HKLM\SOFTWARE\AllDay Savings, In Quarantäne, [6e74ab1b90eb80b6385d2db5be44857b],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [5a8813b34b305dd9ba28d10c1ee4eb15],
PUP.Optional.Adpeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AllDaySavingsService64, In Quarantäne, [21c1953196e581b518ea0cd714eeb24e],
PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, Löschen bei Neustart, [e7fba125dba053e3209a2fb1c33fff01],
PUP.Optional.1ClickMovieDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ClickMovie1-Downloaderv10, Löschen bei Neustart, [885abd09ee8d191df15e5f84ad55639d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-1769507490-4185185962-1217567553-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [cf1326a0087359dde0c346a107fb28d8]
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 4
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam, In Quarantäne, [da083e8819620e28c7897756c63c26da],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings, In Quarantäne, [c91924a2e5963afc55e333a0b250867a],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\SSL, In Quarantäne, [c91924a2e5963afc55e333a0b250867a],
Dateien: 32
PUP.Optional.Bundlore, C:\Users\***\Documents\Downloads\setup.exe, In Quarantäne, [5f83eed84635c076b3fe1e7ae71db848],
PUP.Optional.SearchProtect.A, C:\Users\***\AppData\Local\Temp\nsn550.tmp, In Quarantäne, [c71b7551d5a64aecebbb6136e51cc739],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nst2863.exe, In Quarantäne, [7b671fa7de9da88ea4db9cf1818042be],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nstED01.exe, In Quarantäne, [4a988d395922e55186f9f79640c14db3],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsy1F68.exe, In Quarantäne, [d40ec5014e2d2016b3cca4e9f30e669a],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsz8D2.exe, In Quarantäne, [8d556462bbc00432681764299e63c838],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\SearchProtectINT.exe, In Quarantäne, [f3ef9333e3986bcb8f3d2ef956ab50b0],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsb3C0B.exe, In Quarantäne, [f1f18d39d1aa49edd5aab7d6dd242ed2],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsj524.exe, In Quarantäne, [d1112b9b700b54e2a7d8fc91976aa858],
PUP.Optional.Conduit.A, C:\Users\***\AppData\Local\Temp\nsjD40B.exe, In Quarantäne, [b62c23a34b30d363e59aace17e83bb45],
PUP.Optional.Installcore, C:\Users\***\AppData\Local\Temp\is-VU2BP.tmp\IMNS.exe, In Quarantäne, [4f93fdc989f2de58ea3507a7976aad53],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Temp\6032tmp\setup.exe, In Quarantäne, [ecf65c6a225967cf31f6c7899a6652ae],
PUP.Optional.VIT, C:\Users\***\Downloads\installer_anubis_typhoon_6-in-1_card_reader_1_0_Deutsch.exe, In Quarantäne, [27bbd4f29fdc122424d5809f05fce818],
PUP.Optional.Softonic.A, C:\Users\***\Downloads\SoftonicDownloader_fuer_gpl-ghostscript.exe, In Quarantäne, [b230ba0c5a2187af450d72b9b74af30d],
PUP.Optional.AllDaySavings.A, C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\me67nmf2.default\extensions\j005-bwqhdvbmcimdkh@jetpack.xpi, In Quarantäne, [1fc3d3f3710a81b5a2d15b82d82a34cc],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, In Quarantäne, [558d5d690a7194a2d047815e1de5c13f],
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage, In Quarantäne, [c919fbcb36455adc60b6142d659fba46],
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000003.log, In Quarantäne, [da083e8819620e28c7897756c63c26da],
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\CURRENT, In Quarantäne, [da083e8819620e28c7897756c63c26da],
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOCK, In Quarantäne, [da083e8819620e28c7897756c63c26da],
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOG, In Quarantäne, [da083e8819620e28c7897756c63c26da],
PUP.Optional.AmazonBrowserBar.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\MANIFEST-000002, In Quarantäne, [da083e8819620e28c7897756c63c26da],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleCrashHandler.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdate.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdateBroker.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdateHelper.msi, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\GoogleUpdateOnDemand.exe, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\goopdate.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\goopdateres_en.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\npGoogleUpdate4.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\psmachine.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\***\AppData\Local\Temp\comh.263328\psuser.dll, In Quarantäne, [28ba497dee8d41f5ebb8c30e58aa20e0],
Physische Sektoren: 0
(No malicious items detected)
(end) Hier die noch erforderlichen Logfiles:
Defogger Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:41 on 24/08/2014 (***)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=- FRST.txt ist aus Platzgründen angehängt.
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by *** at 2014-08-24 18:05:14
Running from C:\Users\***\Documents\Dorothee-----------------------------------------\Bewerbungen
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.0.0.19 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bibliographix 8 (HKLM-x32\...\Bibliographix 8_is1) (Version: - Bibliographix GbR)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.48.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.334 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Digital Media Converter 4.0 (HKLM-x32\...\Digital Media Converter 4.0_is1) (Version: - Deskshare Inc.)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
DisplayLink Core Software (HKLM\...\{B57D4097-F2FE-4222-BA02-46C6EC8B7944}) (Version: 6.1.35392.0 - DisplayLink Corp.)
Dolet Light for Finale (HKLM-x32\...\{457B00DC-314C-48E8-870E-BE04B2DCC1E9}) (Version: 1.0.1 - Recordare LLC)
Duden-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.1.0 - Bibliographisches Institut AG)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.16 - )
f4 3.1.0 (HKLM-x32\...\f4) (Version: 3.1.0 - MAXqda)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Finale PrintMusic 2009 (HKLM-x32\...\Finale PrintMusic 2009) (Version: 14.0.5.1 - MakeMusic)
Fingerprint Reader (HKLM\...\{7DD99174-299B-4450-A179-7F27F4C2D042}) (Version: 6.0.200.105 - AuthenTec, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.02) (Version: 9.02 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
IBM SPSS Statistics 19 (HKLM-x32\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0 - SPSS Inc., an IBM Company)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2639 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Graphics Software (HKLM\...\{A8CAC260-092D-41DA-A38F-73AF4226B021}) (Version: 6.1.35401.0 - Lenovo)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.1.27.5565 - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{5B5DEF99-85E9-423D-A1A3-B83202697B09}) (Version: 1.0.0006.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0012.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MAXQDA 10 (R140612) (HKLM-x32\...\MAXQDA10) (Version: (R140612) - VERBI Software.Consult.Sozialforschung GmbH)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}) (Version: 3.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (German) 12 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MPC-HC 1.6.6.6957 (3975d54) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.6.6957 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )
OneKey Recovery Pro (HKLM-x32\...\{FF162784-CFFE-4193-AE24-7FC476812ABE}) (Version: 4.50.0009.00 - Lenovo Group Limited)
OpenVPN 2.2.1 (HKLM-x32\...\OpenVPN) (Version: 2.2.1 - )
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.20 - Lenovo)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renee Undeleter 2013.4.27.0 (HKLM-x32\...\{BECFEA3A-6E81-436B-9D2B-6B01185004A5}}_is1) (Version: 2013.4.27.0 - Rene.e Laboratory)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.7.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.11 - VeriSign)
WD SmartWare (HKLM\...\{9798BB87-01B9-4D46-8EA0-6681E72BDE87}) (Version: 1.6.5.2 - Western Digital Technologies, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Intel (iaStor) hdc (11/29/2011 11.0.0.1032) (HKLM\...\64A62163FE43328D13305746CB8BCC93F2DF6545) (Version: 11/29/2011 11.0.0.1032 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/02/2012 16.0.5.2) (HKLM\...\76052A6680822C2132A1EB4E64568F3C9591560E) (Version: 04/02/2012 16.0.5.2 - Synaptics)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{6F731616-D7E1-4D78-9403-69B51A759ADE}) (Version: 21.00.8480 - Buhl Data Service GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-08-2014 10:54:28 Installed Lenovo Power Management Driver
08-08-2014 20:12:22 Windows Update
12-08-2014 19:02:50 Windows Update
12-08-2014 19:38:14 Reimage Express Restore Point
12-08-2014 20:39:54 RegClean Pro Di, Aug 12, 14 22:39
12-08-2014 21:43:14 RegClean Pro Di, Aug 12, 14 23:43
13-08-2014 05:13:48 Removed DriverUpdate
13-08-2014 21:17:00 Windows Update
15-08-2014 16:43:48 Removed Evernote v. 4.2.3
15-08-2014 16:45:09 Removed iCloud
15-08-2014 16:49:14 Entfernt WISO Steuer-Sparbuch 2013
24-08-2014 13:50:15 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0D7059C4-B200-44FA-A032-44B1C7F20418} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {176A3A7D-D0C6-4C0B-81CF-7A71EF9324A3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {18E0E76F-8724-475C-A9AF-DBA3E2C9365C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {1C19FDFC-19D0-402E-885D-51DC75794E45} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {2DCEF08B-61D0-48DB-859B-F0FE2FF16BA2} - System32\Tasks\{965A1954-A289-4E15-9215-6CD9AFF21493} => C:\Users\***2\Downloads\lide25vst6411011ade\SetupSG.exe
Task: {347AA3DC-1B1F-4CB9-A96F-6B407E1212B3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {34DD60FE-EDF9-4008-A919-4A1A89966389} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1769507490-4185185962-1217567553-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {3AE38F53-319A-411A-A220-16BB702E7F2D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {3B929BFA-7E6C-49E2-B5AE-5E31F0EF7760} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {40A60D0F-8A98-4E24-83BB-AF7760D39E47} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {475A81FB-767C-40A7-94BE-D0168D44F970} - System32\Tasks\{963B18C7-1B59-4A88-86DF-0C5AAF723435} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {4B8CC5B7-EA71-48CE-BB79-309B149BED8F} - System32\Tasks\{0B7D39C8-83C8-4665-B34B-0197A9037478} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {51A25DAB-E129-42F9-BE52-DA5EE6E1F2F6} - System32\Tasks\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {5439A35B-CF42-496C-8CE0-922E961DDDFC} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for ***-THINK.*** => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)
Task: {5DD7DE8D-803B-481D-B66C-AC20FC320100} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {5F78C279-8EAF-4984-8F6A-94B7C1E24A1C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {673716AF-9080-43E7-97CC-566A197B32DC} - System32\Tasks\{1DCA7436-095B-4122-8B37-CF9D15B7F46B} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {825D96CE-FCE1-4416-B489-68C550F5B7CF} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {926F9A79-8D55-4640-B2AA-2477A2B363B8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {966132C5-DBDF-468F-BC4F-BE93F86A2859} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {A58265A5-5E75-45B8-85A6-D14EF2F33571} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {AB9C7099-8A17-4DD0-B47D-92C87E1D0C83} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {AE611976-EAD3-4231-8228-D6B86C1D46EB} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {AFC94A9C-41A4-4590-B648-8DDED60F46D2} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-02-24] (Lenovo)
Task: {B12F84ED-FDAD-4EE3-8724-527322F0EF63} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {B3872FCE-49CB-484E-A922-EF0EA867C237} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {B701B5BA-D79D-4CCC-9EAA-6429064B3A5F} - System32\Tasks\DriverUpdate Daily Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: {B791AEB0-C55E-4756-9F20-F95C4A97CE4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {C0E4A61A-3DF7-451F-B451-E4B59A70252D} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {C0F82AAA-F72A-4E2E-8E91-FD2C820A43CC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {C1302C62-1611-448F-BEAE-AE3C3A8DDFEA} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {C6E6E59F-10FC-464C-9D03-21341528842E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {E8F25F16-95BC-450F-ADB2-B1774AC16FDF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1769507490-4185185962-1217567553-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {EBFEE693-47C1-4B37-8FC8-43CD13EC9B03} - System32\Tasks\{FD161BF0-105E-4EDD-B4F9-D24D4CF07C08} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {EEA004DC-FF76-4CD5-A2CB-4D47C1CCD4AA} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {F35E6234-3A18-4413-96AC-7ED4D1EFF2A6} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-04-11] (Lenovo Group Limited)
Task: {FFD93581-FBE5-40F4-B8F5-C400FF00C3D2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverUpdate Daily Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) =============
2013-09-24 14:21 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\ZLhp1020.DLL
2013-09-24 14:21 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2012-06-18 14:45 - 2012-03-07 00:49 - 00128280 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-08-07 03:03 - 2013-08-07 03:03 - 01130792 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2013-08-07 03:04 - 2013-08-07 03:04 - 00087848 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-06-18 14:55 - 2012-04-11 23:16 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2012-06-18 14:46 - 2012-02-01 21:34 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll
2013-06-06 21:40 - 2010-10-26 12:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-08-15 13:24 - 2014-08-24 18:00 - 00050477 _____ () C:\Users\***\Documents\Dorothee-----------------------------------------\Bewerbungen\Defogger.exe
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-06-18 15:02 - 2012-01-17 08:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2012-06-18 14:56 - 2011-08-02 04:58 - 02201088 ____N () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2012-06-18 14:56 - 2011-08-02 04:58 - 02085888 ____N () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2013-04-16 17:52 - 2012-04-09 00:40 - 03470848 ____N () C:\Program Files (x86)\ffdshow\ffdshow.ax
2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2014-07-14 16:49 - 2014-07-14 16:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-14 16:49 - 2014-07-14 16:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 ____N () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-08 13:21 - 2014-08-08 13:21 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-06-30 10:41 - 2011-06-30 10:41 - 72522112 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\MSORES.DLL
2014-08-15 15:26 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\***\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-06-18 14:44 - 2012-03-07 00:27 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-07-08 23:41 - 2014-07-08 23:41 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
2012-06-18 14:55 - 2012-04-11 23:16 - 00112640 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMROV.DLL
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: VIPAppService => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\Services: WDRulesService => 2
MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\Windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: 1&1_1&1 Upload-Manager => "C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE" /hide
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/24/2014 03:55:20 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (08/24/2014 03:44:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7098
Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7098
Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20482
Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20482
Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10077
Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10077
System errors:
=============
Error: (08/24/2014 03:38:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}
Error: (08/24/2014 03:38:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/16/2014 06:26:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.
Error: (08/16/2014 06:26:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TPHKSVC erreicht.
Error: (08/16/2014 04:47:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (08/15/2014 10:29:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D1ADD0A-5D7B-481E-8351-4C048AD401BE}
Error: (08/15/2014 04:52:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/15/2014 04:51:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.
Error: (08/15/2014 04:51:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (08/15/2014 04:51:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AcSvc" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (08/24/2014 03:55:20 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (08/24/2014 03:44:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7098
Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7098
Error: (08/16/2014 06:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20482
Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20482
Error: (08/16/2014 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10077
Error: (08/16/2014 06:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10077
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 77%
Total physical RAM: 3685.47 MB
Available physical RAM: 818.67 MB
Total Pagefile: 7369.12 MB
Available Pagefile: 3569.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:446.72 GB) (Free:321.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:17.58 GB) (Free:4.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8A4FD910)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Gmer: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-24 19:15:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.MC10 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\***~1\AppData\Local\Temp\awxcruow.sys
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8116:8004] 000007fefc882bf8
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8116:6420] 000007fee16e4830
---- EOF - GMER 2.1 ---- Ich hoffe, ich habe alle erforderlichen Informationen beisammen und mir kann jemand helfen.
Herzlichen Dank schon einmal im Voraus!!
Theed |