
Trash bin: 2x Win8: Linked words, flashing virus warnings - the usual

Windows 7 Posts that violated our rules, posts the world does not need, or other junk end up here in the trash bin...

 
17.08.2014, 12:23   #1
anonym2
 


Hello everyone,

I have received good help here before, so I am turning to you again. This time it is about the Windows 8 machine of an acquaintance of mine. The symptoms are the ones described in the thread title; I know them from experience and suspect it is another "classic case". Here are the basic log files to start with:

defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:19 on 17/08/2014 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by **** (administrator) on ****PC on 17-08-2014 12:35:02
Running from C:\Users\****\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\PC Speed Up\PCSUService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\LPT\srpts.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe
() C:\Program Files (x86)\LPT\srptsl.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Users\****\AppData\Local\fst_de_110\upfst_de_110.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Spotify Ltd) C:\Users\****\AppData\Roaming\Spotify\spotify.exe
(Pokki) C:\Users\****\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Spotify Ltd) C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Pokki) C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe
() C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
(Smartbar) C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Software Updater) C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
() C:\Program Files (x86)\fst_de_110\fst_de_110.exe
() C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Pokki) C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe
() C:\Users\****\AppData\Local\Smartbar\Application\Lrcnta.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Plus HD) C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-bg.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulAlert.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files (x86)\UpperFind\updateUpperFind.exe
() C:\Program Files (x86)\UpperFind\bin\utilUpperFind.exe
() C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-05-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-05-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-06-27] (Power Software Ltd)
HKLM-x32\...\Run: [fst_de_110] => C:\Program Files (x86)\fst_de_110\fst_de_110.exe [3975136 2014-07-21] ()
HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe [130560 2014-07-21] ()
HKLM-x32\...\RunOnce: [upfst_de_110.exe] => C:\Users\****\AppData\Local\fst_de_110\upfst_de_110.exe [3320800 2014-07-21] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Pokki] => C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Spotify] => C:\Users\****\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Spotify Web Helper] => C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [2208520 2014-06-11] ()
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [300840 2014-07-03] ()
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [29728 2014-06-16] (Smartbar)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [help] => "C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe"
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\RunOnce: [help] => "C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe"
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Command Processor: "C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe" <===== ATTENTION!
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
ShortcutTarget: SoftwareUpdater.lnk -> C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (Software Updater)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\help.lnk
ShortcutTarget: help.lnk -> C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooAI&dpid=YahooAI&co=DE&userid=2e6cd3c0-bbb0-5894-0bc3-056f66204aac&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp13000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooAI&dpid=YahooAI&co=DE&userid=2e6cd3c0-bbb0-5894-0bc3-056f66204aac&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp13000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKLM - {6E6BD5B7-2DAC-4EC9-BE1A-3C8399D91A74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY2Xa_MC7jVLwTkhU8uB8pH1wZ3ww2xq424r9Qt_LZRr2z0wILeRYDiSjCUV0aku3r_m9Sr6uwjd4a8egseqxfg--Np69UpeMLjK6agqZQZ94SkBh20n2JP-LvokG7Apg,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY2Xa_MC7jVLwTkhU8uB8pH1wZ3ww2xq424r9Qt_LZRr2z0wILeRYDiSjCUV0aku3r_m9Sr6uwjd4a8egseqxfg--Np69UpeMLjK6agqZQZ94SkBh20n2JP-LvokG7Apg,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MBBDC9E48-88CE-4A4C-8E2D-45A688CE1A94&SearchSource=58&CUI=&UM=6&UP=SP7A00C53E-7052-44AE-A8D2-9830116EB9DD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooAI&dpid=YahooAI&co=DE&userid=2e6cd3c0-bbb0-5894-0bc3-056f66204aac&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp13000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MBBDC9E48-88CE-4A4C-8E2D-45A688CE1A94&SearchSource=58&CUI=&UM=6&UP=SP7A00C53E-7052-44AE-A8D2-9830116EB9DD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
BHO: Plus-HD-9.1 -> {11111111-1111-1111-1111-110511291116} -> C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-bho64.dll (Plus HD)
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO-x32: Plus-HD-9.1 -> {11111111-1111-1111-1111-110511291116} -> C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-bho.dll (Plus HD)
BHO-x32: BlockAndSurf -> {21C7BF22-6256-1D9D-920C-96C12183DE96} -> C:\Program Files (x86)\di9BlockAndSurf\176.dll ()
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-20]
FF HKCU\...\Firefox\Extensions: [{9F586BA1-DE20-5DC0-817B-B5D24781FE6A}] - C:\Program Files (x86)\di9BlockAndSurf\176.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\di9BlockAndSurf\176.xpi [2014-07-21]

Chrome: 
=======
CHR HomePage: https://www.google.de/webhp?source=search_app&gfe_rd=cr&ei=KqPSU5DqH4qY-AbO2ICICg&gws_rd=ssl
CHR StartupUrls: "https://www.google.de/"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: vi-view
CHR DefaultNewTabURL: 
CHR Extension: (Plus-HD-9.1) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe [2014-07-21]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-18]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-18]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-18]
CHR Extension: (Google-Suche) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-18]
CHR Extension: (Google Wallet) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-18]
CHR Extension: (BlockAndSurf) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcgnnlmmkimincacnkjichcghfgjnbdb [2014-07-21]
CHR Extension: (Quick start) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25]
CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-18]
CHR Extension: (Extutil) - C:\Users\****\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-07-18]
CHR Extension: (Managera) - C:\Users\****\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-07-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-04] (Broadcom Corporation.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-21] (globalUpdate) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-06-16] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1844024 2013-12-18] (Maxthon)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [430888 2014-07-03] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 servervo; C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-07-21] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
R2 Update UpperFind; C:\Program Files (x86)\UpperFind\updateUpperFind.exe [323312 2014-08-17] ()
R2 Util UpperFind; C:\Program Files (x86)\UpperFind\bin\utilUpperFind.exe [323312 2014-08-17] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-05-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-25] (Fuyu LIMITED)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065728 2013-09-26] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [57528 2014-07-07] (Corsica)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 {0e56f9ed-d36e-4176-bfbd-2bd7c7a74afa}w64; C:\Windows\System32\drivers\{0e56f9ed-d36e-4176-bfbd-2bd7c7a74afa}w64.sys [61016 2014-07-08] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 12:35 - 2014-08-17 12:35 - 00027866 _____ () C:\Users\****\Desktop\FRST.txt
2014-08-17 12:34 - 2014-08-17 12:35 - 00000000 ____D () C:\FRST
2014-08-17 12:34 - 2014-08-17 12:34 - 02101760 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ___HD () C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}
2014-08-17 12:19 - 2014-08-17 12:19 - 00000474 _____ () C:\Users\****\Desktop\defogger_disable.log
2014-08-17 12:19 - 2014-08-17 12:19 - 00000000 _____ () C:\Users\****\defogger_reenable
2014-08-17 12:18 - 2014-08-17 12:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 12:17 - 2014-08-17 12:17 - 00050477 _____ () C:\Users\****\Downloads\Defogger.exe
2014-08-17 12:13 - 2014-08-17 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-17 12:02 - 2014-08-17 12:02 - 00139488 _____ () C:\WINDOWS\SysWOW64\XMLOperations.xml
2014-07-26 10:45 - 2014-07-26 10:46 - 00000000 ____D () C:\Users\****\Documents\PCSpeedUp
2014-07-25 21:31 - 2014-07-08 13:45 - 00061016 _____ (StdLib) C:\WINDOWS\system32\Drivers\{0e56f9ed-d36e-4176-bfbd-2bd7c7a74afa}w64.sys
2014-07-25 20:26 - 2014-07-26 10:36 - 00000000 ____D () C:\Program Files (x86)\UpperFind
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 20:25 - 2014-07-25 20:25 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-07-25 20:20 - 2014-07-25 20:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-07-25 20:06 - 2014-07-25 20:06 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-07-22 20:36 - 2014-07-22 22:07 - 00002675 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-22 20:36 - 2014-07-22 22:07 - 00002628 _____ () C:\Users\****\Desktop\Search.lnk
2014-07-22 20:36 - 2014-07-22 20:37 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\Smartbar
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\LPT
2014-07-22 20:35 - 2014-07-26 15:25 - 00001113 _____ () C:\Users\****\Desktop\Continue VuuPC Installation.lnk
2014-07-21 20:07 - 2014-08-17 12:08 - 00000000 ____D () C:\Users\****\AppData\Local\fst_de_110
2014-07-21 20:07 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\Desktop\spiele
2014-07-21 20:07 - 2014-07-21 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\fst_de_110
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\di9BlockAndSurf
2014-07-21 20:07 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\dlg
2014-07-21 20:04 - 2014-07-21 20:04 - 00000000 ____D () C:\Games
2014-07-21 20:01 - 2014-07-26 10:47 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-21 20:01 - 2014-07-21 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-21 19:59 - 2014-07-21 19:59 - 00000000 ____D () C:\Users\****\AppData\Local\CrashRpt
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\RapidSolution
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\Program Files (x86)\Audials
2014-07-21 19:56 - 2014-08-17 12:10 - 00001462 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00003814 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00003132 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00002286 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00001428 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00001412 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.job
2014-07-21 19:56 - 2014-08-17 12:04 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1.job
2014-07-21 19:56 - 2014-08-17 12:04 - 00001324 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.job
2014-07-21 19:56 - 2014-08-17 12:04 - 00000926 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-21 19:56 - 2014-07-26 19:44 - 00000000 ____D () C:\Users\****\AppData\Roaming\VOPackage
2014-07-21 19:56 - 2014-07-21 19:56 - 00006818 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11
2014-07-21 19:56 - 2014-07-21 19:56 - 00006136 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3
2014-07-21 19:56 - 2014-07-21 19:56 - 00005290 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1
2014-07-21 19:56 - 2014-07-21 19:56 - 00004466 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7
2014-07-21 19:56 - 2014-07-21 19:56 - 00004416 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5
2014-07-21 19:56 - 2014-07-21 19:56 - 00004328 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2
2014-07-21 19:56 - 2014-07-21 19:56 - 00003666 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\RapidSolution
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\globalUpdate
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.1
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-21 19:55 - 2014-07-21 19:55 - 00471584 _____ () C:\Users\****\Downloads\soft32_Counter Strike_1.0.exe
2014-07-20 22:51 - 2014-07-20 22:51 - 00000000 ____D () C:\Users\****\AppData\Roaming\Need for Speed World
2014-07-20 22:22 - 2014-07-20 22:22 - 00000000 ____D () C:\Users\****\AppData\Local\Electronic_Arts_Inc
2014-07-20 22:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-07-20 22:20 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-07-20 22:20 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-07-20 22:20 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-07-20 22:20 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-07-20 22:20 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-07-20 22:20 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-07-20 22:20 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-07-20 22:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2014-07-20 22:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-07-20 22:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-07-20 22:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-07-20 22:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2014-07-20 22:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-07-20 22:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-07-20 22:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-07-20 22:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2014-07-20 22:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2014-07-20 22:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2014-07-20 22:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2014-07-20 22:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2014-07-20 22:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2014-07-20 22:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2014-07-20 22:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2014-07-20 22:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2014-07-20 22:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2014-07-20 22:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2014-07-20 22:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2014-07-20 22:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2014-07-20 22:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2014-07-20 22:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2014-07-20 22:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2014-07-20 22:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2014-07-20 22:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2014-07-20 22:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2014-07-20 22:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2014-07-20 22:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-07-20 22:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-07-20 22:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2014-07-20 22:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2014-07-20 22:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2014-07-20 22:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2014-07-20 22:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2014-07-20 22:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2014-07-20 22:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2014-07-20 22:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2014-07-20 22:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2014-07-20 22:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-07-20 22:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2014-07-20 22:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2014-07-20 22:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2014-07-20 22:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2014-07-20 22:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2014-07-20 22:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2014-07-20 22:18 - 2014-07-20 22:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-07-20 22:18 - 2014-07-20 22:20 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-07-20 22:18 - 2014-07-20 22:18 - 05006472 _____ (Electronic Arts ) C:\Users\****\Downloads\setup_659.exe
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-20 20:29 - 2014-07-20 20:31 - 00000000 ____D () C:\Users\****\AppData\Roaming\fltk.org
2014-07-20 20:29 - 2014-07-20 20:29 - 00000000 ____D () C:\ProgramData\fltk.org
2014-07-20 20:28 - 2014-07-20 20:31 - 00000000 ____D () C:\Users\****\AppData\Roaming\flightgear.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-07-20 20:27 - 2014-07-20 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear 3.0.0
2014-07-20 20:22 - 2014-07-20 20:22 - 00000000 ____D () C:\Program Files\FlightGear
2014-07-20 19:59 - 2014-07-20 20:21 - 1062570539 _____ (The FlightGear Team ) C:\Users\****\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-07-20 18:48 - 2014-07-26 15:50 - 00000000 ____D () C:\Users\****\Documents\TmForever
2014-07-20 18:48 - 2014-07-20 22:20 - 00095405 _____ () C:\WINDOWS\DirectX.log
2014-07-20 18:48 - 2014-07-20 18:58 - 00000000 ____D () C:\ProgramData\TmForever
2014-07-20 18:48 - 2014-07-20 18:48 - 00001135 _____ () C:\Users\****\Desktop\TmNationsForever.lnk
2014-07-20 18:48 - 2014-07-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
2014-07-20 18:48 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2014-07-20 18:48 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2014-07-20 18:48 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2014-07-20 18:48 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2014-07-20 18:48 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2014-07-20 18:48 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2014-07-20 18:48 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2014-07-20 18:48 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2014-07-20 18:48 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2014-07-20 18:48 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2014-07-20 18:48 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2014-07-20 18:48 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2014-07-20 18:48 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2014-07-20 18:48 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2014-07-20 18:48 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2014-07-20 18:48 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2014-07-20 18:48 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2014-07-20 18:48 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2014-07-20 18:48 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2014-07-20 18:48 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2014-07-20 18:48 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2014-07-20 18:48 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2014-07-20 18:48 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2014-07-20 18:48 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2014-07-20 18:47 - 2014-07-20 18:48 - 00000000 ____D () C:\Program Files (x86)\TmNationsForever
2014-07-20 18:39 - 2014-07-20 18:46 - 530600781 _____ () C:\Users\****\Downloads\tmnationsforever_setup.exe
2014-07-20 17:56 - 2014-07-20 17:56 - 00000000 ____D () C:\Users\****\AppData\Local\Skype
2014-07-20 17:55 - 2014-07-30 23:21 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Users\****\AppData\Roaming\OpenCandy
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-20 17:53 - 2014-07-20 17:54 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-07-20 17:53 - 2014-07-20 17:53 - 02876504 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO5.exe
2014-07-18 20:50 - 2014-07-18 20:50 - 00072244 _____ () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911@www.torrent.to.torrent
2014-07-18 20:17 - 2014-08-17 12:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 20:17 - 2014-07-18 20:17 - 01141680 _____ () C:\Users\****\Downloads\SteamSetup.exe
2014-07-18 20:17 - 2014-07-18 20:17 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-18 20:17 - 2014-07-18 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-18 20:09 - 2014-07-20 17:01 - 00000000 ____D () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911
2014-07-18 20:03 - 2014-07-18 20:03 - 00000000 ____D () C:\Users\****\AppData\Roaming\PowerISO
2014-07-18 20:02 - 2014-07-20 17:54 - 00001040 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-07-18 20:02 - 2014-06-27 08:59 - 00131856 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2014-07-18 20:01 - 2014-07-18 20:05 - 00000000 ____D () C:\Users\****\Downloads\Best of Starvation Bundle
2014-07-18 20:01 - 2014-07-18 20:01 - 02790064 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO6-x64.exe
2014-07-18 20:01 - 2014-07-18 20:01 - 00000000 ____D () C:\Users\****\AppData\Local\SearchProtect
2014-07-18 20:00 - 2014-07-18 20:00 - 00000891 _____ () C:\Users\****\Desktop\BitTorrent.lnk
2014-07-18 20:00 - 2014-07-18 20:00 - 00000871 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-18 19:59 - 2014-07-26 02:17 - 00000000 ____D () C:\Users\****\AppData\Roaming\BitTorrent
2014-07-18 19:59 - 2014-07-18 19:59 - 01913432 _____ (BitTorrent Inc.) C:\Users\****\Downloads\BitTorrent.exe
2014-07-18 19:53 - 2014-08-17 12:09 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 19:53 - 2014-07-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-18 19:52 - 2014-08-17 12:10 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 19:52 - 2014-07-30 23:57 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-18 19:52 - 2014-07-18 19:53 - 00000000 ____D () C:\Users\****\AppData\Local\Google
2014-07-18 19:52 - 2014-07-18 19:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-18 19:52 - 2014-07-18 19:52 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-18 19:52 - 2014-07-18 19:52 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 19:51 - 2014-07-18 19:52 - 00000000 ____D () C:\Users\****\AppData\Local\Deployment
2014-07-18 19:51 - 2014-07-18 19:51 - 00000000 ____D () C:\Users\****\AppData\Local\Apps\2.0

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 12:35 - 2014-08-17 12:35 - 00027866 _____ () C:\Users\****\Desktop\FRST.txt
2014-08-17 12:35 - 2014-08-17 12:34 - 00000000 ____D () C:\FRST
2014-08-17 12:35 - 2013-08-22 15:25 - 00000194 _____ () C:\WINDOWS\win.ini
2014-08-17 12:34 - 2014-08-17 12:34 - 02101760 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-08-17 12:34 - 2014-05-20 14:42 - 01436563 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ___HD () C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}
2014-08-17 12:28 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-17 12:26 - 2014-07-04 16:19 - 00000000 ____D () C:\Users\****\AppData\Roaming\Spotify
2014-08-17 12:23 - 2014-07-04 14:34 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86D879C6-5202-4857-B4A1-0B266A8258D8}
2014-08-17 12:21 - 2014-07-18 20:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-17 12:19 - 2014-08-17 12:19 - 00000474 _____ () C:\Users\****\Desktop\defogger_disable.log
2014-08-17 12:19 - 2014-08-17 12:19 - 00000000 _____ () C:\Users\****\defogger_reenable
2014-08-17 12:19 - 2014-07-04 20:11 - 00000000 ____D () C:\Users\****
2014-08-17 12:18 - 2014-08-17 12:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 12:18 - 2014-07-04 20:17 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3841687710-1451113179-3550632674-1002
2014-08-17 12:17 - 2014-08-17 12:17 - 00050477 _____ () C:\Users\****\Downloads\Defogger.exe
2014-08-17 12:15 - 2013-08-22 16:46 - 00032045 _____ () C:\WINDOWS\setupact.log
2014-08-17 12:13 - 2014-08-17 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-17 12:13 - 2014-05-20 16:06 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-08-17 12:10 - 2014-07-21 19:56 - 00001462 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7.job
2014-08-17 12:10 - 2014-07-18 19:52 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 12:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-17 12:09 - 2014-07-18 19:53 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-17 12:08 - 2014-07-21 20:07 - 00000000 ____D () C:\Users\****\AppData\Local\fst_de_110
2014-08-17 12:06 - 2014-07-04 20:11 - 00000000 ____D () C:\Users\****\AppData\Local\Pokki
2014-08-17 12:05 - 2014-07-21 19:56 - 00003814 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00003132 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00002286 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00001428 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00001412 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.job
2014-08-17 12:05 - 2014-07-04 20:15 - 00002135 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2014-08-17 12:04 - 2014-07-21 19:56 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1.job
2014-08-17 12:04 - 2014-07-21 19:56 - 00001324 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.job
2014-08-17 12:04 - 2014-07-21 19:56 - 00000926 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-17 12:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-17 12:02 - 2014-08-17 12:02 - 00139488 _____ () C:\WINDOWS\SysWOW64\XMLOperations.xml
2014-08-17 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-30 23:57 - 2014-07-18 19:52 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 23:21 - 2014-07-20 17:55 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2014-07-29 18:34 - 2014-07-04 16:20 - 00000000 ____D () C:\Users\****\AppData\Local\Spotify
2014-07-26 19:44 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Roaming\VOPackage
2014-07-26 15:50 - 2014-07-20 18:48 - 00000000 ____D () C:\Users\****\Documents\TmForever
2014-07-26 15:25 - 2014-07-22 20:35 - 00001113 _____ () C:\Users\****\Desktop\Continue VuuPC Installation.lnk
2014-07-26 10:47 - 2014-07-21 20:01 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-26 10:46 - 2014-07-26 10:45 - 00000000 ____D () C:\Users\****\Documents\PCSpeedUp
2014-07-26 10:42 - 2014-05-21 00:27 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-26 10:42 - 2014-05-21 00:27 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-26 10:42 - 2013-10-07 20:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-26 10:37 - 2014-05-20 16:04 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-26 10:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-26 10:36 - 2014-07-25 20:26 - 00000000 ____D () C:\Program Files (x86)\UpperFind
2014-07-26 10:36 - 2013-10-07 20:23 - 00007830 _____ () C:\WINDOWS\PFRO.log
2014-07-26 02:17 - 2014-07-18 19:59 - 00000000 ____D () C:\Users\****\AppData\Roaming\BitTorrent
2014-07-26 02:17 - 2014-05-20 16:13 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-07-26 02:17 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 20:25 - 2014-07-25 20:25 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-07-25 20:20 - 2014-07-25 20:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-07-25 20:06 - 2014-07-25 20:06 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-07-25 20:06 - 2014-07-04 20:16 - 00000000 ____D () C:\Users\****\AppData\Local\LSC
2014-07-25 20:06 - 2014-05-20 16:13 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-25 20:06 - 2014-05-20 16:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-07-25 20:06 - 2014-05-20 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-07-25 20:06 - 2014-05-20 15:29 - 00000000 ____D () C:\Program Files\Lenovo
2014-07-25 20:04 - 2014-05-20 16:08 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-07-25 18:49 - 2014-05-20 16:04 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-07-25 18:48 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-23 22:46 - 2014-05-20 16:14 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-07-22 22:07 - 2014-07-22 20:36 - 00002675 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-22 22:07 - 2014-07-22 20:36 - 00002628 _____ () C:\Users\****\Desktop\Search.lnk
2014-07-22 20:37 - 2014-07-22 20:36 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\Smartbar
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\LPT
2014-07-22 20:36 - 2014-07-21 20:07 - 00000000 ____D () C:\Users\****\Desktop\spiele
2014-07-21 20:07 - 2014-07-21 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\fst_de_110
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\di9BlockAndSurf
2014-07-21 20:07 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-07-21 20:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\dlg
2014-07-21 20:04 - 2014-07-21 20:04 - 00000000 ____D () C:\Games
2014-07-21 20:01 - 2014-07-21 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-21 19:59 - 2014-07-21 19:59 - 00000000 ____D () C:\Users\****\AppData\Local\CrashRpt
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\RapidSolution
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\Program Files (x86)\Audials
2014-07-21 19:56 - 2014-07-21 19:56 - 00006818 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11
2014-07-21 19:56 - 2014-07-21 19:56 - 00006136 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3
2014-07-21 19:56 - 2014-07-21 19:56 - 00005290 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1
2014-07-21 19:56 - 2014-07-21 19:56 - 00004466 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7
2014-07-21 19:56 - 2014-07-21 19:56 - 00004416 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5
2014-07-21 19:56 - 2014-07-21 19:56 - 00004328 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2
2014-07-21 19:56 - 2014-07-21 19:56 - 00003666 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\RapidSolution
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\globalUpdate
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.1
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-21 19:55 - 2014-07-21 19:55 - 00471584 _____ () C:\Users\****\Downloads\soft32_Counter Strike_1.0.exe
2014-07-20 22:51 - 2014-07-20 22:51 - 00000000 ____D () C:\Users\****\AppData\Roaming\Need for Speed World
2014-07-20 22:22 - 2014-07-20 22:22 - 00000000 ____D () C:\Users\****\AppData\Local\Electronic_Arts_Inc
2014-07-20 22:21 - 2014-07-20 22:18 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-07-20 22:20 - 2014-07-20 22:18 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-07-20 22:20 - 2014-07-20 18:48 - 00095405 _____ () C:\WINDOWS\DirectX.log
2014-07-20 22:18 - 2014-07-20 22:18 - 05006472 _____ (Electronic Arts ) C:\Users\****\Downloads\setup_659.exe
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-20 20:31 - 2014-07-20 20:29 - 00000000 ____D () C:\Users\****\AppData\Roaming\fltk.org
2014-07-20 20:31 - 2014-07-20 20:28 - 00000000 ____D () C:\Users\****\AppData\Roaming\flightgear.org
2014-07-20 20:29 - 2014-07-20 20:29 - 00000000 ____D () C:\ProgramData\fltk.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-07-20 20:27 - 2014-07-20 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear 3.0.0
2014-07-20 20:22 - 2014-07-20 20:22 - 00000000 ____D () C:\Program Files\FlightGear
2014-07-20 20:21 - 2014-07-20 19:59 - 1062570539 _____ (The FlightGear Team ) C:\Users\****\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-07-20 18:58 - 2014-07-20 18:48 - 00000000 ____D () C:\ProgramData\TmForever
2014-07-20 18:48 - 2014-07-20 18:48 - 00001135 _____ () C:\Users\****\Desktop\TmNationsForever.lnk
2014-07-20 18:48 - 2014-07-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
2014-07-20 18:48 - 2014-07-20 18:47 - 00000000 ____D () C:\Program Files (x86)\TmNationsForever
2014-07-20 18:46 - 2014-07-20 18:39 - 530600781 _____ () C:\Users\****\Downloads\tmnationsforever_setup.exe
2014-07-20 17:56 - 2014-07-20 17:56 - 00000000 ____D () C:\Users\****\AppData\Local\Skype
2014-07-20 17:56 - 2014-07-04 20:12 - 00000000 ____D () C:\Users\****\AppData\Local\VirtualStore
2014-07-20 17:55 - 2014-07-20 17:55 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Users\****\AppData\Roaming\OpenCandy
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-20 17:54 - 2014-07-20 17:53 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-07-20 17:54 - 2014-07-18 20:02 - 00001040 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-07-20 17:53 - 2014-07-20 17:53 - 02876504 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO5.exe
2014-07-20 17:01 - 2014-07-18 20:09 - 00000000 ____D () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911
2014-07-18 20:50 - 2014-07-18 20:50 - 00072244 _____ () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911@www.torrent.to.torrent
2014-07-18 20:17 - 2014-07-18 20:17 - 01141680 _____ () C:\Users\****\Downloads\SteamSetup.exe
2014-07-18 20:17 - 2014-07-18 20:17 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-18 20:17 - 2014-07-18 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-18 20:05 - 2014-07-18 20:01 - 00000000 ____D () C:\Users\****\Downloads\Best of Starvation Bundle
2014-07-18 20:03 - 2014-07-18 20:03 - 00000000 ____D () C:\Users\****\AppData\Roaming\PowerISO
2014-07-18 20:01 - 2014-07-18 20:01 - 02790064 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO6-x64.exe
2014-07-18 20:01 - 2014-07-18 20:01 - 00000000 ____D () C:\Users\****\AppData\Local\SearchProtect
2014-07-18 20:00 - 2014-07-18 20:00 - 00000891 _____ () C:\Users\****\Desktop\BitTorrent.lnk
2014-07-18 20:00 - 2014-07-18 20:00 - 00000871 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-18 19:59 - 2014-07-18 19:59 - 01913432 _____ (BitTorrent Inc.) C:\Users\****\Downloads\BitTorrent.exe
2014-07-18 19:53 - 2014-07-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-18 19:53 - 2014-07-18 19:52 - 00000000 ____D () C:\Users\****\AppData\Local\Google
2014-07-18 19:53 - 2014-07-18 19:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-18 19:52 - 2014-07-18 19:52 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-18 19:52 - 2014-07-18 19:52 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 19:52 - 2014-07-18 19:51 - 00000000 ____D () C:\Users\****\AppData\Local\Deployment
2014-07-18 19:51 - 2014-07-18 19:51 - 00000000 ____D () C:\Users\****\AppData\Local\Apps\2.0

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\air5493.exe
C:\Users\****\AppData\Local\Temp\airA3D.exe
C:\Users\****\AppData\Local\Temp\airAA96.exe
C:\Users\****\AppData\Local\Temp\airADE2.exe
C:\Users\****\AppData\Local\Temp\nsc847F.exe
C:\Users\****\AppData\Local\Temp\nsgF20A.exe
C:\Users\****\AppData\Local\Temp\nslFD5A.exe
C:\Users\****\AppData\Local\Temp\nsoF1DA.exe
C:\Users\****\AppData\Local\Temp\nspD582.exe
C:\Users\****\AppData\Local\Temp\nspFA6B.exe
C:\Users\****\AppData\Local\Temp\nsq7F5E.exe
C:\Users\****\AppData\Local\Temp\nsqCC2A.exe
C:\Users\****\AppData\Local\Temp\nssF4BB.exe
C:\Users\****\AppData\Local\Temp\nsu9A52.exe
C:\Users\****\AppData\Local\Temp\oct6C36.tmp.exe
C:\Users\****\AppData\Local\Temp\ShoppinH2.exe
C:\Users\****\AppData\Local\Temp\sp-downloader.exe
C:\Users\****\AppData\Local\Temp\SPSetup.exe
C:\Users\****\AppData\Local\Temp\tmp3BE8.exe
C:\Users\****\AppData\Local\Temp\utt364B.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 16:46

==================== End Of Log ============================
         
The rest comes in the second post; otherwise it would have been too long.

17.08.2014, 12:24   #2
anonym2

Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by **** at 2014-08-17 12:36:13
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
Audials (HKLM-x32\...\{DA6EBFC9-8869-4B61-8D38-2668A395C5B0}) (Version: 11.0.54400.0 - Audials AG)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32355 - BitTorrent Inc.)
BlockAndSurf (HKLM-x32\...\14B128CB-7512-6580-5764-7AEBD4390FC0) (Version:  - BlockAndSurf-software) <==== ATTENTION
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink MediaStory (x32 Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
FlightGear v3.0.0 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)
FreeSoftToday 014.110 (HKLM-x32\...\fst_de_110_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6490.0 - IDT)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.5.1000 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.926.1 - Vimicro)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Web Start (HKCU\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{56232F31-556D-4ABB-A039-58193778A627}) (Version: 4.2.0.4 - The Document Foundation)
LibreOffice 4.2.0.4 (HKLM-x32\...\{E043231F-34F2-4AF5-9400-0961CC15AAAE}) (Version: 4.2.0.4 - The Document Foundation)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.659 - Electronic Arts)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.14 (Version: 9.3.14 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.14 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC Speed Up (HKLM\...\PCSU-SL_is1) (Version: 3.6.1.0 - Speedchecker Limited)
Plus-HD-9.1 (HKLM-x32\...\Plus-HD-9.1) (Version: 1.34.7.1 - Plus HD) <==== ATTENTION
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.10.61 - Client Connect LTD) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{0cc5cc23-4ebb-462a-85ae-f3bb91e618b7}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software Updater version 1.9.4 (HKLM-x32\...\Software Updater_is1) (Version: 1.9.4 - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Start Menu (HKCU\...\Pokki) (Version: 0.269.2.430 - Pokki)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
UpperFind (HKLM\...\UpperFind) (Version: 2014.07.25.142836 - UpperFind)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED) <==== ATTENTION
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-07-2014 11:08:24 Geplanter Prüfpunkt
21-07-2014 17:57:33 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
25-07-2014 18:05:20 Installed Lenovo Solution Center.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F6F9A1A-A3B7-4F98-90E5-3C1717FEF5A2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {12037548-288F-494B-835D-6FA95217C97D} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {148A3004-26E1-4CD4-ACE7-9904E076F2D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {243546A3-7990-4EF0-9FCC-E78EBD5F22CB} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {292B3B79-ACBC-40E7-A59E-4362DB42ED4B} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe [2014-07-21] (Plus HD)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E709391-2BCC-49A5-90A7-A9F90A42126A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B85BF54-36A1-49F2-980A-E831B86A877A} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-nova.exe [2014-07-21] (Plus HD)
Task: {3B9EAE9A-6241-4035-9688-68203971319A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {443537E9-F9E9-4910-9AF0-50DD9FDC7DD6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {46E97D05-2BCB-468E-B91F-E6A75CFE428F} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe [2014-07-21] (Plus HD)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C510E3F-5CC8-4198-8777-89926EF8FEF6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {5A3313D8-D9E5-4D8B-99FD-7D63B44F6A99} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {5AA1EA50-E62D-4D47-9046-5CA016B403FD} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-10-14] (Maxthon International ltd.)
Task: {63A1F9F8-670C-4CB8-AC5C-9AD5D24DE6C8} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.exe [2014-07-21] (Plus HD)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75C383DA-F607-498B-9864-EFCA1C031B18} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.exe [2014-07-21] (Plus HD)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A4E427F-9EB0-4897-9D5E-C8FC1026F8A1} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe [2014-07-21] (Plus HD)
Task: {7B65C20E-CDFE-486F-B861-861D0D075FE9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8ED5F765-468E-41D5-905B-13B2765ED24C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {92312BF6-DD9D-4CB0-8DB2-779DAEA49921} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {9FF17F1E-6DAB-448A-B407-B0F5EE621E41} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe [2014-07-21] (Plus HD)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A58153E6-D8D7-49F4-81D7-D3D8DD2CDBED} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {A5D165BA-5DAD-47F1-AD4A-1814DA5C05FD} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-21] (globalUpdate)
Task: {CED832EB-75B3-4A0E-BFB9-8EBE7222DA61} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DF1744AD-EBD8-4902-B806-E3EE8F8DA407} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {E60DAE37-5134-49BD-BFB2-ABF843D38BB7} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.exe [2014-07-21] (Plus HD)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EC56123E-E776-43AB-9A2E-EACB793D153B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F2F5204C-167E-454B-8D47-260B87682082} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.exe [2014-07-21] (Plus HD)
Task: {F329F74F-DAD0-49F4-A4C6-45DA848A84AC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {F647D0C9-D28D-4C7A-86F5-6037228E1B17} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-nova.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-21 20:01 - 2014-07-03 07:35 - 00430888 _____ () C:\Program Files (x86)\PC Speed Up\PCSUService.exe
2013-09-04 20:13 - 2013-09-04 20:13 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00034336 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-05-20 16:07 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-07-21 19:56 - 2014-07-21 19:56 - 00071680 _____ () C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe
2014-06-16 14:21 - 2014-06-16 14:21 - 00036384 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-05-20 16:13 - 2014-05-20 16:13 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-05-20 16:13 - 2014-05-20 16:13 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00024608 _____ () C:\Program Files (x86)\LPT\srptm.exe
2014-07-23 16:32 - 2014-07-25 20:26 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-07-23 16:32 - 2014-07-25 20:26 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-21 20:07 - 2014-07-21 14:51 - 03320800 _____ () C:\Users\****\AppData\Local\fst_de_110\upfst_de_110.exe
2014-06-11 17:31 - 2014-06-11 17:31 - 02208520 _____ () C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
2014-07-21 20:07 - 2014-07-21 14:51 - 03975136 _____ () C:\Program Files (x86)\fst_de_110\fst_de_110.exe
2014-07-21 20:07 - 2014-07-21 20:07 - 00130560 _____ () C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe
2014-07-04 16:20 - 2014-07-07 19:15 - 00601144 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-16 14:18 - 2014-06-16 14:18 - 00025120 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-25 16:28 - 2014-08-17 12:31 - 00323312 _____ () C:\Program Files (x86)\UpperFind\updateUpperFind.exe
2014-07-25 21:30 - 2014-08-17 12:34 - 00323312 _____ () C:\Program Files (x86)\UpperFind\bin\utilUpperFind.exe
2014-07-25 21:31 - 2014-07-29 15:39 - 00286960 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe
2014-07-21 20:01 - 2014-07-03 07:35 - 00585600 _____ () C:\Program Files (x86)\PC Speed Up\sqlite3.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00044064 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00060960 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-05-20 15:25 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00078368 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067616 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00157216 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00028704 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00167456 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047648 _____ () C:\Program Files (x86)\LPT\srbu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026656 _____ () C:\Program Files (x86)\LPT\srpdm.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00028192 _____ () C:\Program Files (x86)\LPT\ProxySettings.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047136 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00054304 _____ () C:\Program Files (x86)\LPT\Proxy.Lib.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00029216 _____ () C:\Program Files (x86)\LPT\sreu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00055840 _____ () C:\Program Files (x86)\LPT\srprl.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00050208 _____ () C:\Program Files (x86)\LPT\lrrot.dll
2014-07-23 16:32 - 2014-07-25 20:26 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-07-04 16:20 - 2014-07-07 19:15 - 36966968 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\libcef.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00046080 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_thread-vc90-mt-1_39.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00045056 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_date_time-vc90-mt-1_39.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00068360 _____ () C:\Program Files (x86)\Audials\Audials 11\CrashRpt.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00409352 _____ () C:\Program Files (x86)\Audials\Audials 11\SQLite3.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00545032 _____ () C:\Program Files (x86)\Audials\Audials 11\StreamingClient.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00614912 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_regex-vc90-mt-1_39.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00012800 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_system-vc90-mt-1_39.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00283136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\b1b0ada49bd510acb11cff9dcefc34cc\Utils.ni.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00582656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\6bb51b5339df42f85481cf4a2dae1812\ManagedInterfaces.ni.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00174592 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\1c10c85d1fe7c70d10f088694a0a6a9a\fastJSON.ni.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00507392 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\2e588088757572d871eead30658adb0a\RSControls.ni.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00046624 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00071712 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srau.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00167456 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 02337824 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00068640 _____ () C:\Users\****\AppData\Local\Smartbar\Application\spbl.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00157216 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00015904 _____ () C:\Users\****\AppData\Local\Smartbar\Application\siem.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067616 _____ () C:\Users\****\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00698400 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00016416 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00080416 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00028704 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00060960 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srut.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00031264 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067104 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00151072 _____ () C:\Users\****\AppData\Local\Smartbar\Application\smti.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032800 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srom.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032288 _____ () C:\Users\****\AppData\Local\Smartbar\Application\smtu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00040992 _____ () C:\Users\****\AppData\Local\Smartbar\Application\smta.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047648 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srbu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026144 _____ () C:\Users\****\AppData\Local\Smartbar\Application\sgml.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00063520 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026656 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00045088 _____ () C:\Users\****\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-16 14:10 - 2014-06-16 14:10 - 00026656 _____ () C:\Users\****\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00036896 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00194592 _____ () C:\Users\****\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 11:21 - 2014-05-12 11:21 - 00061440 _____ () C:\Users\****\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00257056 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srns.dll
2014-07-07 19:15 - 2014-07-07 19:15 - 00867896 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-04 16:20 - 2014-07-07 19:15 - 00886840 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-07-04 16:20 - 2014-07-07 19:15 - 00108600 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00569856 _____ () C:\Users\****\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 01400846 _____ () C:\Users\****\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00151054 _____ () C:\Users\****\AppData\Local\Pokki\Engine\avutil-51.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00222734 _____ () C:\Users\****\AppData\Local\Pokki\Engine\avformat-54.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00101408 _____ () C:\Users\****\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
2014-07-21 20:07 - 2014-07-21 20:07 - 00195072 _____ () C:\Program Files (x86)\di9BlockAndSurf\176.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00142368 _____ () C:\Users\****\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
2014-08-17 12:35 - 2014-08-15 12:12 - 00240128 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFindDsp.dll
2014-07-25 21:31 - 2014-08-17 11:41 - 00096496 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFind.BrowserAdapter.exe
2014-06-16 14:18 - 2014-06-16 14:18 - 00317984 _____ () C:\Program Files (x86)\LPT\Resources\ntdis_32.dll
2014-07-25 21:31 - 2014-08-17 11:41 - 00195312 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFindBAApp.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00034848 _____ () C:\Users\****\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2014 00:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/17/2014 00:30:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/17/2014 00:22:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ac4

Startzeit: 01cfba03d624ab39

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID: 57efd37c-25f8-11e4-825a-2025648809c8

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/17/2014 00:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/17/2014 00:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (07/26/2014 10:55:20 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/21/2014 08:11:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0x215c
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5

Error: (07/21/2014 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0x21e8
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5

Error: (07/21/2014 08:11:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0xd04
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5

Error: (07/21/2014 08:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0x16f0
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5


System errors:
=============
Error: (08/17/2014 00:19:20 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/17/2014 00:19:20 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/17/2014 00:10:37 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/29/2014 07:37:48 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/29/2014 07:21:38 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/29/2014 07:10:17 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/29/2014 06:52:51 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/29/2014 06:52:21 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/27/2014 03:02:52 AM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/27/2014 03:02:22 AM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (08/17/2014 00:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (08/17/2014 00:30:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (08/17/2014 00:22:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17126ac401cfba03d624ab394294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE57efd37c-25f8-11e4-825a-2025648809c8

Error: (08/17/2014 00:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (08/17/2014 00:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (07/26/2014 10:55:20 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/21/2014 08:11:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d3215c01cfa50f3749c90fC:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll750d76c8-1102-11e4-8259-342387f9c098

Error: (07/21/2014 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d321e801cfa50f314a2cc5C:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll6f0c009a-1102-11e4-8259-342387f9c098

Error: (07/21/2014 08:11:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d3d0401cfa50f2eed66bcC:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll6caf7355-1102-11e4-8259-342387f9c098

Error: (07/21/2014 08:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d316f001cfa50f13abfbd0C:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll517166e9-1102-11e4-8259-342387f9c098


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8116.27 MB
Available physical RAM: 3643.56 MB
Total Pagefile: 16820.27 MB
Available Pagefile: 12329.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.26 GB) (Free:356.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.9 GB) NTFS
Drive e: (PUBLIC_ENEMIES) (CDROM) (Total:6.96 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9440B80C)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
GMER:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-17 12:53:18
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000036 ST500LT012-1DG142 rev.0002LVM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\****\AppData\Local\Temp\kwtdqpod.sys


---- User code sections - GMER 2.1 ----

.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                           00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                           00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                              00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                              00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                                  00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                                  00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                     00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                     00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                            00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                            00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                               00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                               00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                         00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                         00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                            00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                            00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                    00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                    00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                       00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                       00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                                                                          00007ff8914c1f6a 4 bytes [4C, 91, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                                                                          00007ff8914c1f82 4 bytes [4C, 91, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                   00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                   00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                                      00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                                      00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                                         00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                                         00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                                       00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                                       00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                                          00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                                          00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                           00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                           00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                              00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                              00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\SysWOW64\rundll32.exe[10140] C:\Program Files (x86)\UpperFind\bin\UpperFindDsp.dll!Enum + 1                                                                                                                                0000000070c61001 4 bytes [DB, FF, D3, 91]
.text    C:\WINDOWS\SysWOW64\rundll32.exe[10140] C:\Program Files (x86)\UpperFind\bin\UpperFindDsp.dll!Enum + 6                                                                                                                                0000000070c61006 4 bytes {JMP 0xffffffff91d3586b}
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                            00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                            00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                               00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                               00007ff897bf1832 4 bytes [BF, 97, F8, 7F]

---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [5740:7116]                                                                                                                                                                                             fffff960009a5b90
Thread   C:\WINDOWS\SysWOW64\rundll32.exe [10140:8956]                                                                                                                                                                                         00000000029a4c20
---- Processes - GMER 2.1 ----

Process  C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe (*** suspicious ***) @ C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe [2492](2014-07-21 17:56:44)                                                                            0000000000ea0000
Library  C:\Users\****\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [3944] (Chromium/The Chromium Authors)(2014-03-20 22:40:48)                              000000005c940000
Library  C:\Users\****\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [3944] (ICU Data DLL/The ICU Project)(2014-01-17 16:32:58)                                  000000005ba50000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                    0000000004e80000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srau.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000005120000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                               0000000005140000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                         0000000005900000
Library  C:\Users\****\AppData\Local\Smartbar\Application\spbl.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000005490000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                       00000000054d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\siem.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000005550000
Library  C:\Users\****\AppData\Local\Smartbar\Application\sppsm.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                           00000000055b0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                           0000000005600000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                        0000000005cb0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                            0000000005d20000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srsbs.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                           0000000006400000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)     0000000008270000
Library  C:\Users\****\AppData\Local\Smartbar\Application\smti.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            00000000083d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srom.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000008350000
Library  C:\Users\****\AppData\Local\Smartbar\Application\smtu.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000008430000
Library  C:\Users\****\AppData\Local\Smartbar\Application\smta.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000008450000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srbu.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            000000000a180000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                             000000000a1e0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srpdm.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                           000000000a1d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\MACTrackBarLib.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                  000000000b7a0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                000000000b7d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                             000000000b970000
Library  C:\Users\****\AppData\Local\Smartbar\Application\sgmu.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            000000000a260000
Library  C:\Users\****\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                000000000a2e0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Interop.WMPLib.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                  000000000a570000
Library  C:\Users\****\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392] (Chromium/The Chromium Authors)(2014-03-20 22:40:48)                              000000005c940000
Library  C:\Users\****\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392] (ICU Data DLL/The ICU Project)(2014-01-17 16:32:58)                                  000000005ba50000
Library  C:\Users\****\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:58)                                              000000005b030000
Library  C:\Users\****\AppData\Local\Pokki\Engine\avcodec-54.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:58)                                                            000000005ae30000
Library  C:\Users\****\AppData\Local\Pokki\Engine\avutil-51.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:56)                                                             000000005c590000
Library  C:\Users\****\AppData\Local\Pokki\Engine\avformat-54.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:56)                                                           000000005c470000
Library  C:\ProgramData\Windows Genuine Advantage\{661450B0-4E20-44FB-8E7C-BF52EB469422}\api-ms-win-system-d3d11ref-l1-1-0.dll (*** suspicious ***) @ C:\WINDOWS\SysWOW64\regsvr32.exe [12948] ( /Microsoft Corporation)(2014-08-17 10:18:23)  0000000050900000
Library  C:\Users\****\AppData\Local\Smartbar\Application\lrcnt.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Lrcnta.exe [10324] (FILE NOT FOUND)                                                            0000000004950000
Library  C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_3.0.176.1_x64__bq6yxensn79aw\McCloudShim.dll (*** suspicious ***) @ C:\WINDOWS\system32\wwahost.exe [5960](2014-07-05 08:44:42)                              00007ff8902d0000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                                 unknown MBR code

---- EOF - GMER 2.1 ----
         
Note: During the GMER scan, a message appeared twice saying that certain processes could not be accessed because they were already in use (or something like that). I hope I did not forget to close any running programs during the scan (as the instructions said); as far as I know, I had ended all running processes known to me. I hope the log file is still useful to you.

Many thanks in advance!
__________________


Alt 18.08.2014, 15:40   #3
anonym2
 
The thread can be closed; the problem is already being handled in another one.
__________________

Alt 19.08.2014, 10:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Continued here => http://www.trojaner-board.de/157713-...n-ubliche.html
__________________
Please always post log files in CODE tags

 
