anbei die logfiles. Ältere Logfiles von Malwarebytes hab ich auch allerdings immer nur Quick Scan und immer ohne das infizierte Dateien entdeckt wurden.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5610
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
26.01.2011 22:45:27
mbam-log-2011-01-26 (22-45-27).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|S:\|)
Durchsuchte Objekte: 350883
Laufzeit: 1 Stunde(n), 46 Minute(n), 36 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\program files\pdfforge toolbar\searchsettingsres409.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\pdfforge toolbar\widgihelper.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\Users\al\documents\corel draw x5 with keygen\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
und OTL:OTL Logfile: Code:
OTL Extras logfile created on: 26.01.2011 22:51:46 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\al\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free
5,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,65 Gb Total Space | 33,92 Gb Free Space | 15,30% Space Free | Partition Type: NTFS
Drive Q: | 9,77 Gb Total Space | 3,63 Gb Free Space | 37,12% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,51 Gb Free Space | 34,54% Space Free | Partition Type: NTFS
Computer Name: AL-PC | User Name: al | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\al\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{367D69D5-574D-4937-A9AC-C4E633E44781}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5D78A966-018D-4684-94B1-767861C78FDC}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface |
"{6A4886ED-F5DC-482A-89AE-FD8AEFE52CE6}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6C030E8B-408F-4098-B277-3DF504152A4A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{DD730A83-D7B3-4CE2-9552-FC89269B0F00}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001EBB61-7D93-4B8B-AE43-E79C3EC66B1F}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"{03055C9A-7A3F-4A6C-94FC-FE31FC240595}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{158075AF-E6DA-4DE7-89A8-75B6CFFDDA49}" = protocol=6 | dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{2A711030-C5C2-4E99-A918-C3C9E030BBA0}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2B91A6E7-2731-48D3-A4D8-A07BB86F9A47}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"{3E0A3564-E8A9-4D8F-A111-CFE2209D5172}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{415268FA-C105-473F-885E-E88BA7E3BD83}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4EB5CB08-2BA7-4087-AADF-BFD2C1C2E403}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{55F625E1-F212-42A4-90A1-394DFB1B228E}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{639D9AE0-235C-4C91-B424-224AC3ABB0D6}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{7B5B2793-4DA1-46BA-A329-347B011A7C1C}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{81328BD2-D1C8-42C3-8F10-7E697802EA96}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8FA81627-A3AD-41B1-A581-778F471C2DB6}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{9322619E-A5FE-479A-B6F8-4BA0F9277EFF}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9747C973-0110-45A2-9226-E0712EAFFC91}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{9D0991C3-E071-4F74-B976-FB42E6BF353B}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AB00FFFA-8D91-4EEE-9C48-CB5E134E72DF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B1226355-F468-401F-87ED-954B44B594CC}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B6863B8A-DA2D-4BEF-A9DC-A2B62C147C3A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C847F6BE-3E6C-4A7F-B903-1EF4F6FB8CB7}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{C8FC8704-3EB9-4E20-A3DC-19DFA81D41AD}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{D5577D59-4029-4F6F-91BC-BBB0EF683D4A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D85A26EA-FB5E-4E15-8158-673F6952534C}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{E30DDCF2-BA80-49ED-8135-FABB1EB59839}" = protocol=17 | dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{E3FDCF6C-D18E-4DA0-8877-9040331D5183}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{FE739B55-2246-4F97-845C-EB641F46177D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FEEEC11B-818B-4824-BA6A-24FE39B29C02}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{1C769DB0-3BAB-4464-9264-0D9FA47516A7}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{24854D71-CE78-4298-8D97-0EC138C70D32}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{2A09B9D1-C88D-4BCF-9B1F-81EBC4EFC43F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{37D52B92-BB19-43CB-9854-F3B636754F37}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{5F214A4B-F8DE-42F2-843A-300BAA679A39}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{68F10FAD-D3DB-4DAC-A551-5D13CDA7ECD1}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{85E5849C-B4BE-418F-BD52-47FBF756FBA9}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe |
"TCP Query User{91C5AE6F-A1B7-4315-A49B-CA6AAD44E689}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{A7EDD122-6C03-4536-B490-50D0CED21664}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{C30CFB72-E8F2-4186-BA92-F1A4F7508F84}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{C31E8221-48EB-4C1F-9EFC-EEA14AC71EDA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C503BBEC-FC0C-457B-A472-BA407DDA550F}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{C5DDF32F-D2EE-4479-B4CC-E87449169456}C:\users\al\downloads\starcraft_2_eu_de-de.exe" = protocol=6 | dir=in | app=c:\users\al\downloads\starcraft_2_eu_de-de.exe |
"UDP Query User{00BC75F9-28FD-431B-988E-67DB178C653B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{0C0D1E3C-0E8D-458F-98C0-0F36CBFAC323}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{0F499181-BFA5-4CA0-BC83-1B53FA102765}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe |
"UDP Query User{394D999A-1041-4227-B125-B43F9293348D}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{4C088AF4-DAF4-4656-9855-68A2166A1D93}C:\users\al\downloads\starcraft_2_eu_de-de.exe" = protocol=17 | dir=in | app=c:\users\al\downloads\starcraft_2_eu_de-de.exe |
"UDP Query User{5D093671-6695-4DBE-A4F1-1D40FC1BBE64}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe |
"UDP Query User{74FDA0EE-188B-4E25-8837-C86BAE9225EA}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{7A3F3378-E017-41A9-BB1E-99ADE81BD845}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{8515B17D-EB7F-4E9B-9F6B-D5A8C14BA8B4}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{9A3327D0-7A9B-4EA0-826E-4BA517DCC011}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{BDA38D86-6916-47C3-A206-8B50F2DC7EFE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{C3244345-B05C-4B47-A31E-3AD13EF17A28}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{EF4F16D8-A51A-4E16-B743-B72C36921B76}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.02.02.01
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052E244C-3674-8907-D9C3-092C89521B94}" = Catalyst Control Center Localization Korean
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{09A84D86-C709-4825-9548-ACF4838D478D}" = Intel(R) PROSet/Wireless WiFi Software
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{10F90FAD-6627-7113-86AE-C243C74F0DEF}" = CCC Help German
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1433371A-F983-9562-3947-92420A72849D}" = Catalyst Control Center Graphics Previews Vista
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22266E88-29AF-8D27-F85F-DD75D76E4AE2}" = Catalyst Control Center Localization German
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23146B80-2B64-023D-0696-A753E5C45FB4}" = Catalyst Control Center Graphics Full Existing
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Drag-to-Disc
"{340A2AD6-0679-46DA-9180-DABBD5B36FD1}" = BitDefender Antivirus Pro 2011
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{3752F72E-A481-41C7-256B-C20D7BFBE3BC}" = CCC Help English
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D717E8B-7AF0-4FDF-87FA-6C5797A1B995}" = Roxio Creator Business Edition
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{433894BE-54BF-CC72-2147-14EA837ADC87}" = CCC Help Portuguese
"{44E9D4C2-946C-4378-9354-558803C47A68}" = Client Security - Password Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4AB5764A-3894-49A2-BAA8-C4665F74CD4C}" = Registry patch to improve USB device detection on resume from sleep for Windows Vista
"{4BD295B9-0190-4C54-B08E-33A6ECA922DF}" = ThinkVantage Access Connections
"{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1" = DVDx 2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52F58309-1687-0C82-699A-27D9029B9429}" = CCC Help Spanish
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business Edition
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F64E152-51C1-47B4-BEA8-007D73C7460F}" = Cisco AnyConnect VPN Client
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{668ACF05-E455-4932-A2D2-5822A8206FEB}" = Camera Center
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6ADC5DFC-24AA-D4E1-478A-5CD6337F8051}" = Catalyst Control Center Localization Italian
"{6B00B854-F04B-5C6A-63C5-21B9EF8CE3CF}" = CCC Help French
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Lenovo Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{771C80E2-7A02-D773-96C3-155F217CD02A}" = CCC Help Japanese
"{7A408D56-A9CF-4219-9F78-23E6B48A1C0D}" = Verizon Wireless Mobile Broadband Self Activation
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B647582-EE62-8275-9D76-15692741C585}" = Catalyst Control Center Localization Chinese Traditional
"{7E4C16B8-8F76-4940-8505-98E93C00BF19}" = Rescue and Recovery
"{821456F8-EB18-41A8-DED5-695096B7D9D6}" = Catalyst Control Center Localization Chinese Standard
"{8220C00D-CBA1-AB41-1A66-7B99FAEF65F9}" = ATI Catalyst Install Manager
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ACB5112-A58B-7283-B771-6271A0D9471D}" = Catalyst Control Center Core Implementation
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8EBBED54-C2D0-928A-7CA9-D28FAD39C4B6}" = CCC Help Korean
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90FABD40-E741-446F-839D-CEAE905D63BE}" = ThinkPad Mobility Center Customization
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{94B1AD86-8764-8853-F4BB-7F92D5E94AA3}" = Catalyst Control Center Graphics Full New
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97BBF90F-A852-4AA0-872B-42D13AA22D94}" = Mobile Broadband Connect
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B14495A-E66F-3D68-3B03-D40A6862D6D7}" = ccc-utility
"{9FCE66F0-EE03-43BD-916E-66EDF0DBC18C}" = Catalyst Control Center - Branding
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7EE37A9-367B-651F-9F4A-0BDE35D7417F}" = CCC Help Chinese Standard
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ABC6E084-55EA-5860-4654-B21FFE886B1B}" = PX Profile Update
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AE2832A3-8108-F2BF-7086-BE66D29106E7}" = Catalyst Control Center Graphics Light
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA0B7C1F-5315-50C4-1EE9-FFA688A28C74}" = Catalyst Control Center Localization Spanish
"{BAAC402D-86A7-3918-4A24-7C8E83AE1756}" = CCC Help Swedish
"{BBDD2E21-F74F-FE49-956D-13FB1999DC28}" = CCC Help Italian
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BF1ECD50-5A11-B18B-4AA0-20E41E7C20F7}" = Catalyst Control Center Localization Japanese
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C710E77E-6AC2-608B-214C-CEF6B9CDBA6E}" = Catalyst Control Center InstallProxy
"{C945C17F-2E78-4511-ABB6-EF637D2EE8FB}" = Skins
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CCCF9048-DAFD-F1F5-B860-9B5C32FBD2D6}" = Catalyst Control Center Localization Portuguese
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D22E6706-136E-4810-AF2E-359AE30A7323}" = ThinkVantage Status Gadget
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E2ACDD92-7A9F-FCE8-2452-8A660792038E}" = CCC Help Chinese Traditional
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E4CB66D5-C29E-9612-5E32-6807E91A82CD}" = Catalyst Control Center Localization Swedish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{EA5AB32C-970E-D7C4-C896-1C927FB3E384}" = Catalyst Control Center Localization Dutch
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9230D65-8EED-B6DD-F9FB-8AEFDE06579C}" = Catalyst Control Center Localization French
"{FA62B4C2-6CFD-462F-9B59-68A730001AB3}" = Product Recovery Disc Burning Utility
"{FAA034EC-DB6A-A753-5DCE-DD7D75EDEA8E}" = ccc-core-static
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF878914-1DDC-44E2-92F6-69DE291DDCA7}" = CCC Help Dutch
"0A7603E3091C168CDE422A2B3481A2F7D17D0954" = Windows Driver Package - Intel hdc (02/20/2008 6.9.1.1001)
"1205965EF392C9B0D5A9BDB139035F058E76359E" = Windows Driver Package - Ricoh Company MMC Host Controller (02/15/2008 6.00.03.05)
"1A96FF9D9E5F19776E6749D8F6557FCC437EB294" = Windows Driver Package - Ricoh Company MS Host Controller (07/30/2007 6.00.01.11)
"25A4FC9EFE7A8860FCF6F86FFABDD9334A2619E3" = Windows Driver Package - Intel (e1yexpress) Net (08/22/2008 9.52.10.1001)
"3EB6CB625B5778835F0A66A7529E69050E0EE033" = Windows Driver Package - Lenovo 1.53 (03/19/2009 1.53)
"432D918ED17EA51B73E8491A0369730C0076A292" = Windows Driver Package - Intel System (02/20/2008 8.6.1.1002)
"464CE3922A214073AAEE00DEB23EA5C750AF8CE8" = Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011)
"513C7D1BF4530B30EC84716327E4D7E76810DCC5" = Windows Driver Package - Intel System (02/20/2008 8.7.0.1007)
"5A4D4FF375E24E41AE5D2D907E67E0884BE2CAF4" = Windows Driver Package - Intel System (01/30/2008 8.6.1.1001)
"778DAA8FB0D52FC214BC306BBDC33E26ACAB6F44" = Windows Driver Package - Ricoh Company xD Host Controller (07/30/2007 6.00.01.13)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"ATI Uninstaller" = ATI Uninstaller
"AviSynth" = AviSynth 2.5
"BitDefender" = BitDefender Antivirus Pro 2011
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combat Arms EU" = Combat Arms EU
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2
"Dipmon" = Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E6CEFD9A59425A2A27E92572AB367B28C371D3D8" = Windows Driver Package - Intel System (09/15/2006 7.0.0.1011)
"EADM" = EA Download Manager
"Easy-Shutdown" = Easy-Shutdown 1.3
"EC1E678D1EFB79A1D02C312390944027C715CD5C" = Windows Driver Package - Intel (iaStor) hdc (02/11/2009 8.8.0.1009)
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch
"FPIRPOn" = Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"HECI" = Intel(R) Management Engine Interface
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Lenovo Registration" = Lenovo Registration
"Lenovo Welcome_is1" = Lenovo Welcome
"LENOVO.SMIIF" = Lenovo System Interface Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MESOL" = Intel® Active Management Technology
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"OnScreenDisplay" = On Screen Display
"PC-Doctor for Windows" = Lenovo System Toolbox
"Power Management Driver" = ThinkPad Power Management Driver
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel PROSet Wireless
"PROR" = Microsoft Office Professional 2007
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement
"Videora iPod Converter" = Videora iPod Converter 5.04
"VLC media player" = VLC media player 1.0.2
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XMind" = XMind
"YouTube Downloader App" = YouTube Downloader App 2.03
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Anwendungserkennung
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.01.2011 09:47:24 | Computer Name = al-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 187154
Error - 26.01.2011 09:49:51 | Computer Name = al-PC | Source = WinMgmt | ID = 10
Description =
Error - 26.01.2011 11:32:16 | Computer Name = al-PC | Source = EventSystem | ID = 4621
Description =
Error - 26.01.2011 11:47:37 | Computer Name = al-PC | Source = WinMgmt | ID = 10
Description =
Error - 26.01.2011 13:44:11 | Computer Name = al-PC | Source = EventSystem | ID = 4609
Description =
Error - 26.01.2011 13:45:03 | Computer Name = al-PC | Source = WinMgmt | ID = 10
Description =
Error - 26.01.2011 13:50:50 | Computer Name = al-PC | Source = WinMgmt | ID = 10
Description =
Error - 26.01.2011 15:01:59 | Computer Name = al-PC | Source = WinMgmt | ID = 10
Description =
Error - 26.01.2011 15:17:46 | Computer Name = al-PC | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 26.01.2011 17:49:11 | Computer Name = al-PC | Source = WinMgmt | ID = 10
Description =
[ Cisco AnyConnect VPN Client Events ]
Error - 25.01.2011 16:00:28 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVpnMgr::processEvents Return code: 0 File: .\MainThread.cpp
Line:
997 Description: fatal error, stopping service
Error - 25.01.2011 16:02:03 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 26.01.2011 06:20:07 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 26.01.2011 09:49:31 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 26.01.2011 11:47:20 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 26.01.2011 13:50:29 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 26.01.2011 15:01:41 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 26.01.2011 17:47:11 | Computer Name = al-PC | Source = vpnagent | ID = 50331650
Description = Termination reason code 9: Client PC is shutting down.
Error - 26.01.2011 17:47:11 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVpnMgr::processEvents Return code: 0 File: .\MainThread.cpp
Line:
997 Description: fatal error, stopping service
Error - 26.01.2011 17:48:44 | Computer Name = al-PC | Source = vpnagent | ID = 50331649
Description = Function: CVCMSSaxParser Return code: 0xC00CE225 File: .\xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
[ Lenovo-Message Center Plus/Admin Events ]
Error - 25.10.2009 10:13:18 | Computer Name = al-PC | Source = Lenovo-Message Center Plus/Admin | ID = 4
Description = The file size of the downloaded file /TOC.cab is not the same as the
file size of the file on the server
Error - 25.10.2009 10:13:18 | Computer Name = al-PC | Source = Lenovo-Message Center Plus/Admin | ID = 4
Description = The file C:\ProgramData\Lenovo\MessageCenterPlus\ServerRepository\temp\wrapper.py
does not have a Lenovo Digital Signature. The file will be deleted
Error - 21.01.2011 21:44:20 | Computer Name = al-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Unable to retrieve machine model -> Exception message: Provider load
failure
Error - 21.01.2011 21:44:20 | Computer Name = al-PC | Source = Lenovo-Message Center Plus/Admin | ID = 4
Description = Retrieved null machine type model
Error - 21.01.2011 21:45:18 | Computer Name = al-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Unable to retrieve machine model -> Exception message:
[ System Events ]
Error - 26.01.2011 15:01:32 | Computer Name = al-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:59:28 on 26.01.2011 was unexpected.
Error - 26.01.2011 15:01:59 | Computer Name = al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.01.2011 15:01:59 | Computer Name = al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.01.2011 15:01:59 | Computer Name = al-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 26.01.2011 15:01:59 | Computer Name = al-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.01.2011 17:46:57 | Computer Name = al-PC | Source = DCOM | ID = 10010
Description =
Error - 26.01.2011 17:49:11 | Computer Name = al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.01.2011 17:49:11 | Computer Name = al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.01.2011 17:49:11 | Computer Name = al-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 26.01.2011 17:49:11 | Computer Name = al-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 26.01.2011 22:51:46 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\al\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free
5,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,65 Gb Total Space | 33,92 Gb Free Space | 15,30% Space Free | Partition Type: NTFS
Drive Q: | 9,77 Gb Total Space | 3,63 Gb Free Space | 37,12% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,51 Gb Free Space | 34,54% Space Free | Partition Type: NTFS
Computer Name: AL-PC | User Name: al | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\al\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Users\al\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo)
PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe ()
PRC - C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\Utilities\PWMUIAux.EXE (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe (Lenovo)
PRC - C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ibmpmsvc.exe (Lenovo)
PRC - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (Lenovo)
PRC - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
PRC - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Windows\System32\TpShocks.exe (Lenovo.)
PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Windows\System32\TPHDEXLG.exe (Lenovo.)
PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
PRC - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
========== Modules (SafeList) ==========
MOD - C:\Users\al\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00074_002\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Updatesrv) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe (BitDefender S.R.L.)
SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe (BitDefender S.R.L.)
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll ()
SRV - (Update Server) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (vpnagent) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (AcSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
SRV - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo)
SRV - (IBMPMSVC) -- C:\Windows\System32\ibmpmsvc.exe (Lenovo)
SRV - (TSSCoreService) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (Lenovo)
SRV - (ThinkVantage Registry Monitor Service) -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (UNS) Intel(R) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (TPHDEXLGSVC) -- C:\Windows\System32\TPHDEXLG.exe (Lenovo.)
SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (TVT_UpdateMonitor) -- C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe (Lenovo Group Limited)
SRV - (TVT Scheduler) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (TVT Backup Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
========== Driver Services (SafeList) ==========
DRV - (bdselfpr) -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender LLC)
DRV - (Trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (Bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (bdfsfltr) -- C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (BDFM) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (tvtfilter) -- C:\Windows\System32\drivers\tvtfilter.sys (Lenovo)
DRV - (psadd) -- C:\Windows\System32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (TPPWRIF) -- C:\Windows\System32\drivers\TPPWR32V.SYS (Lenovo Group Limited)
DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (IBMPMDRV) -- C:\Windows\System32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (MUXP) -- C:\Windows\System32\drivers\mux.sys (Intel© Corporation)
DRV - (MUXMP) -- C:\Windows\System32\drivers\mux.sys (Intel© Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (Shockprf) -- C:\Windows\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\Windows\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (e1yexpress) Intel(R) -- C:\Windows\System32\drivers\e1y6032.sys (Intel Corporation)
DRV - (tvtumon) -- C:\Windows\System32\drivers\tvtumon.sys (Lenovo)
DRV - (intelkmd) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (TVTI2C) -- C:\Windows\System32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (DLADResM) -- C:\Windows\System32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\Windows\System32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\Windows\System32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\Windows\System32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\Windows\System32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\Windows\System32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\Windows\System32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\Windows\System32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\Windows\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM) -- C:\Windows\System32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\Windows\System32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\Windows\System32\drivers\DLACDBHM.SYS (Roxio)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011.01.19 17:57:47 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWlIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BTVLOGEX.DLL ()
O4 - HKLM..\Run: [CreateLMBCShortCut] C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe ()
O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON Stylus DX8400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\al\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\al\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.06.02 23:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{1f2d3753-8599-11de-99e1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1f2d3753-8599-11de-99e1-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 17:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{4443a7d9-7884-11df-9702-00216a59994b}\Shell\AutoRun\command - "" = bbjl2g.exe
O33 - MountPoints2\{4443a7d9-7884-11df-9702-00216a59994b}\Shell\open\Command - "" = bbjl2g.exe
O33 - MountPoints2\{51653459-8592-11de-918a-00247e6e40e2}\Shell - "" = AutoRun
O33 - MountPoints2\{51653459-8592-11de-918a-00247e6e40e2}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.29 23:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{a0cd3604-ea55-11de-ab3f-00216a59994b}\Shell - "" = AutoRun
O33 - MountPoints2\{a0cd3604-ea55-11de-ab3f-00216a59994b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{a7c1fa13-f795-11de-8f13-00216a59994a}\Shell - "" = AutoRun
O33 - MountPoints2\{a7c1fa13-f795-11de-8f13-00216a59994a}\Shell\AutoRun\command - "" = F:\JackLaunch.exe
O33 - MountPoints2\{b5be4edf-11ca-11e0-9bb0-00216a59994a}\Shell\AutoRun\command - "" = D:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.01.26 20:56:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\al\Desktop\OTL.exe
[2011.01.26 18:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\HJT
[2011.01.26 18:58:20 | 000,000,000 | ---D | C] -- C:\Users\al\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.01.25 14:52:43 | 000,000,000 | ---D | C] -- C:\Users\al\Desktop\präsis
[2011.01.19 17:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2011
[2011.01.19 17:57:50 | 000,000,000 | ---D | C] -- C:\Users\al\AppData\Roaming\BitDefender
[2011.01.19 17:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2011.01.19 16:45:32 | 000,000,000 | ---D | C] -- C:\Users\al\AppData\Roaming\QuickScan
[2011.01.19 16:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2011.01.19 16:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2011.01.19 16:41:38 | 000,308,152 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011.01.19 16:41:21 | 000,327,368 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys
[2011.01.19 01:32:30 | 000,000,000 | ---D | C] -- C:\Users\al\AppData\Roaming\Malwarebytes
[2011.01.19 01:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.19 01:30:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.01.19 01:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.19 01:29:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.01.19 01:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.19 00:46:41 | 000,000,000 | ---D | C] -- C:\Users\al\Documents\Chu Desktop
[2011.01.14 00:39:14 | 000,000,000 | ---D | C] -- C:\Users\al\Documents\My Palettes
[2011.01.12 11:16:56 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.12 11:16:55 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.01.04 16:24:09 | 000,000,000 | ---D | C] -- C:\Users\al\Desktop\LeagueOfLegends.EU.12_20_2010
[2009.08.10 11:47:24 | 000,225,280 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2009.08.10 11:47:24 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
========== Files - Modified Within 30 Days ==========
[2011.01.26 22:48:45 | 000,000,874 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.26 22:48:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 22:48:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 22:48:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.26 22:48:32 | 2642,440,192 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.26 22:47:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.01.26 22:04:03 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.26 22:02:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-769887172-4083246247-2960312149-1003UA.job
[2011.01.26 20:56:10 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\al\Desktop\OTL.exe
[2011.01.26 19:00:15 | 000,002,599 | ---- | M] () -- C:\Users\al\Desktop\HiJackThis.lnk
[2011.01.26 12:41:35 | 000,642,704 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.26 12:41:35 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.25 13:07:00 | 000,131,968 | ---- | M] () -- C:\Users\al\Documents\Tiger Airways Booking Confirmation - C2TILS.PDF
[2011.01.25 13:02:07 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-769887172-4083246247-2960312149-1003Core.job
[2011.01.24 12:09:54 | 011,938,082 | ---- | M] () -- C:\Users\al\Desktop\vladi.pdf
[2011.01.22 03:30:27 | 000,048,414 | ---- | M] () -- C:\Users\al\Desktop\MYM.JPG
[2011.01.22 01:23:21 | 000,009,804 | ---- | M] () -- C:\Users\al\Documents\Poker.xlsx
[2011.01.19 22:10:00 | 000,019,969 | ---- | M] () -- C:\Users\al\Documents\EmiratesETicket1.PDF
[2011.01.19 18:24:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\imblacklist.dat
[2011.01.19 18:14:38 | 000,510,337 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011.01.19 18:08:58 | 000,308,152 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011.01.19 18:07:54 | 000,000,415 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2011.01.19 17:57:55 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011.01.19 01:30:17 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.19 00:45:42 | 000,035,807 | ---- | M] () -- C:\Users\al\Documents\Welcome to Skywards.docx
[2011.01.18 23:04:27 | 000,667,373 | ---- | M] () -- C:\Users\al\Desktop\Reisepass Arne.jpg
[2011.01.15 09:03:45 | 000,002,037 | ---- | M] () -- C:\Users\al\Desktop\Google Chrome.lnk
[2011.01.15 09:03:45 | 000,001,999 | ---- | M] () -- C:\Users\al\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011.01.14 11:41:23 | 000,188,928 | ---- | M] () -- C:\Users\al\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.10 20:41:00 | 002,567,680 | ---- | M] () -- C:\Users\al\Documents\2010_09_Paper_Waibel_final_E.doc
[2011.01.04 16:24:23 | 000,000,378 | ---- | M] () -- C:\Users\al\Desktop\Resume Download of League of Legends.url
[2010.12.28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
========== Files Created - No Company Name ==========
[2011.01.26 18:58:20 | 000,002,599 | ---- | C] () -- C:\Users\al\Desktop\HiJackThis.lnk
[2011.01.26 18:50:16 | 2642,440,192 | -HS- | C] () -- C:\hiberfil.sys
[2011.01.25 13:07:00 | 000,131,968 | ---- | C] () -- C:\Users\al\Documents\Tiger Airways Booking Confirmation - C2TILS.PDF
[2011.01.24 12:11:28 | 011,938,082 | ---- | C] () -- C:\Users\al\Desktop\vladi.pdf
[2011.01.21 21:56:24 | 000,048,414 | ---- | C] () -- C:\Users\al\Desktop\MYM.JPG
[2011.01.21 20:33:36 | 000,009,804 | ---- | C] () -- C:\Users\al\Documents\Poker.xlsx
[2011.01.19 22:10:00 | 000,019,969 | ---- | C] () -- C:\Users\al\Documents\EmiratesETicket1.PDF
[2011.01.19 18:24:59 | 000,000,000 | ---- | C] () -- C:\Windows\System32\imblacklist.dat
[2011.01.19 18:07:54 | 000,000,415 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2011.01.19 17:57:55 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011.01.19 16:41:13 | 000,510,337 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011.01.19 01:30:17 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.19 00:45:41 | 000,035,807 | ---- | C] () -- C:\Users\al\Documents\Welcome to Skywards.docx
[2011.01.18 23:04:26 | 000,667,373 | ---- | C] () -- C:\Users\al\Desktop\Reisepass Arne.jpg
[2011.01.10 20:41:00 | 002,567,680 | ---- | C] () -- C:\Users\al\Documents\2010_09_Paper_Waibel_final_E.doc
[2011.01.04 16:24:23 | 000,000,378 | ---- | C] () -- C:\Users\al\Desktop\Resume Download of League of Legends.url
[2010.07.08 09:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010.02.02 18:04:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.01.13 15:55:35 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.01.13 15:49:08 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX8400DEFGIPS.ini
[2010.01.02 12:38:22 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.08 16:54:01 | 000,188,928 | ---- | C] () -- C:\Users\al\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.01 18:04:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.01 17:52:05 | 000,007,728 | ---- | C] () -- C:\Users\al\AppData\Local\d3d9caps.dat
[2009.10.01 15:34:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.10 12:01:18 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2009.08.10 12:01:18 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2009.08.10 11:59:37 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009.08.10 11:59:37 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009.08.10 11:59:37 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009.08.10 11:59:37 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009.08.10 11:59:37 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009.08.10 11:59:37 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009.08.10 11:48:30 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.08.10 11:47:24 | 001,754,368 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009.08.10 11:47:24 | 000,028,800 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009.08.10 11:47:24 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2007.01.31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >
--- --- ---
nochmal vielen Dank
und lieben Gruß
arne |
