Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   2x Win8: Verlinkte Wörter, blinkende Virenwarnungen - das Übliche (https://www.trojaner-board.de/157691-2x-win8-verlinkte-woerter-blinkende-virenwarnungen-ubliche.html)

anonym2 17.08.2014 12:23
2x Win8: Verlinkte Wörter, blinkende Virenwarnungen - das Übliche
 
Hallo zusammen,

ich habe hier schonmal gute Hilfe erhalten und wende mich deshalb wieder an euch. Diesmal geht es um den Windows 8 eines Bekannten von mir. Die Symptome sind die im Thread-Titel beschriebenen, aus Erfahrung kenne ich die schon und vermute, es ist wieder ein "klassischer Fall". Hier erstmal die grundlegenden Logfiles:

defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:19 on 17/08/2014 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by **** (administrator) on ****PC on 17-08-2014 12:35:02
Running from C:\Users\****\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\PC Speed Up\PCSUService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\LPT\srpts.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe
() C:\Program Files (x86)\LPT\srptsl.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Users\****\AppData\Local\fst_de_110\upfst_de_110.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Spotify Ltd) C:\Users\****\AppData\Roaming\Spotify\spotify.exe
(Pokki) C:\Users\****\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Spotify Ltd) C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Pokki) C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe
() C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
(Smartbar) C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Software Updater) C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
() C:\Program Files (x86)\fst_de_110\fst_de_110.exe
() C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Pokki) C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe
() C:\Users\****\AppData\Local\Smartbar\Application\Lrcnta.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Plus HD) C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-bg.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulAlert.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files (x86)\UpperFind\updateUpperFind.exe
() C:\Program Files (x86)\UpperFind\bin\utilUpperFind.exe
() C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-05-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-05-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-06-27] (Power Software Ltd)
HKLM-x32\...\Run: [fst_de_110] => C:\Program Files (x86)\fst_de_110\fst_de_110.exe [3975136 2014-07-21] ()
HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe [130560 2014-07-21] ()
HKLM-x32\...\RunOnce: [upfst_de_110.exe] => C:\Users\****\AppData\Local\fst_de_110\upfst_de_110.exe [3320800 2014-07-21] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Pokki] => C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Spotify] => C:\Users\****\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Spotify Web Helper] => C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [2208520 2014-06-11] ()
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [300840 2014-07-03] ()
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [29728 2014-06-16] (Smartbar)
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Run: [help] => "C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe"
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\RunOnce: [help] => "C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe"
HKU\S-1-5-21-3841687710-1451113179-3550632674-1002\...\Command Processor: "C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe" <===== ATTENTION!
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
ShortcutTarget: SoftwareUpdater.lnk -> C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (Software Updater)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\help.lnk
ShortcutTarget: help.lnk -> C:\Users\****\AppData\Roaming\Microsoft\Windows\IEUpdate\help.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooAI&dpid=YahooAI&co=DE&userid=2e6cd3c0-bbb0-5894-0bc3-056f66204aac&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp13000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooAI&dpid=YahooAI&co=DE&userid=2e6cd3c0-bbb0-5894-0bc3-056f66204aac&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp13000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKLM - {6E6BD5B7-2DAC-4EC9-BE1A-3C8399D91A74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY2Xa_MC7jVLwTkhU8uB8pH1wZ3ww2xq424r9Qt_LZRr2z0wILeRYDiSjCUV0aku3r_m9Sr6uwjd4a8egseqxfg--Np69UpeMLjK6agqZQZ94SkBh20n2JP-LvokG7Apg,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY2Xa_MC7jVLwTkhU8uB8pH1wZ3ww2xq424r9Qt_LZRr2z0wILeRYDiSjCUV0aku3r_m9Sr6uwjd4a8egseqxfg--Np69UpeMLjK6agqZQZ94SkBh20n2JP-LvokG7Apg,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MBBDC9E48-88CE-4A4C-8E2D-45A688CE1A94&SearchSource=58&CUI=&UM=6&UP=SP7A00C53E-7052-44AE-A8D2-9830116EB9DD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooAI&dpid=YahooAI&co=DE&userid=2e6cd3c0-bbb0-5894-0bc3-056f66204aac&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp13000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MBBDC9E48-88CE-4A4C-8E2D-45A688CE1A94&SearchSource=58&CUI=&UM=6&UP=SP7A00C53E-7052-44AE-A8D2-9830116EB9DD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406312747&from=air&uid=ST500LT012-1DG142_S3P6MT49XXXXS3P6MT49&q={searchTerms}
BHO: Plus-HD-9.1 -> {11111111-1111-1111-1111-110511291116} -> C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-bho64.dll (Plus HD)
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO-x32: Plus-HD-9.1 -> {11111111-1111-1111-1111-110511291116} -> C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-bho.dll (Plus HD)
BHO-x32: BlockAndSurf -> {21C7BF22-6256-1D9D-920C-96C12183DE96} -> C:\Program Files (x86)\di9BlockAndSurf\176.dll ()
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-20]
FF HKCU\...\Firefox\Extensions: [{9F586BA1-DE20-5DC0-817B-B5D24781FE6A}] - C:\Program Files (x86)\di9BlockAndSurf\176.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\di9BlockAndSurf\176.xpi [2014-07-21]

Chrome:
=======
CHR HomePage: https://www.google.de/webhp?source=search_app&gfe_rd=cr&ei=KqPSU5DqH4qY-AbO2ICICg&gws_rd=ssl
CHR StartupUrls: "https://www.google.de/"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: vi-view
CHR DefaultNewTabURL:
CHR Extension: (Plus-HD-9.1) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe [2014-07-21]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-18]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-18]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-18]
CHR Extension: (Google-Suche) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-18]
CHR Extension: (Google Wallet) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-18]
CHR Extension: (BlockAndSurf) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcgnnlmmkimincacnkjichcghfgjnbdb [2014-07-21]
CHR Extension: (Quick start) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25]
CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-18]
CHR Extension: (Extutil) - C:\Users\****\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-07-18]
CHR Extension: (Managera) - C:\Users\****\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-07-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-04] (Broadcom Corporation.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-21] (globalUpdate) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-06-16] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1844024 2013-12-18] (Maxthon)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [430888 2014-07-03] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 servervo; C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-07-21] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
R2 Update UpperFind; C:\Program Files (x86)\UpperFind\updateUpperFind.exe [323312 2014-08-17] ()
R2 Util UpperFind; C:\Program Files (x86)\UpperFind\bin\utilUpperFind.exe [323312 2014-08-17] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-05-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-25] (Fuyu LIMITED)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065728 2013-09-26] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [57528 2014-07-07] (Corsica)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 {0e56f9ed-d36e-4176-bfbd-2bd7c7a74afa}w64; C:\Windows\System32\drivers\{0e56f9ed-d36e-4176-bfbd-2bd7c7a74afa}w64.sys [61016 2014-07-08] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 12:35 - 2014-08-17 12:35 - 00027866 _____ () C:\Users\****\Desktop\FRST.txt
2014-08-17 12:34 - 2014-08-17 12:35 - 00000000 ____D () C:\FRST
2014-08-17 12:34 - 2014-08-17 12:34 - 02101760 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ___HD () C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}
2014-08-17 12:19 - 2014-08-17 12:19 - 00000474 _____ () C:\Users\****\Desktop\defogger_disable.log
2014-08-17 12:19 - 2014-08-17 12:19 - 00000000 _____ () C:\Users\****\defogger_reenable
2014-08-17 12:18 - 2014-08-17 12:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 12:17 - 2014-08-17 12:17 - 00050477 _____ () C:\Users\****\Downloads\Defogger.exe
2014-08-17 12:13 - 2014-08-17 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-17 12:02 - 2014-08-17 12:02 - 00139488 _____ () C:\WINDOWS\SysWOW64\XMLOperations.xml
2014-07-26 10:45 - 2014-07-26 10:46 - 00000000 ____D () C:\Users\****\Documents\PCSpeedUp
2014-07-25 21:31 - 2014-07-08 13:45 - 00061016 _____ (StdLib) C:\WINDOWS\system32\Drivers\{0e56f9ed-d36e-4176-bfbd-2bd7c7a74afa}w64.sys
2014-07-25 20:26 - 2014-07-26 10:36 - 00000000 ____D () C:\Program Files (x86)\UpperFind
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 20:25 - 2014-07-25 20:25 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-07-25 20:20 - 2014-07-25 20:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-07-25 20:06 - 2014-07-25 20:06 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-07-22 20:36 - 2014-07-22 22:07 - 00002675 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-22 20:36 - 2014-07-22 22:07 - 00002628 _____ () C:\Users\****\Desktop\Search.lnk
2014-07-22 20:36 - 2014-07-22 20:37 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\Smartbar
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\LPT
2014-07-22 20:35 - 2014-07-26 15:25 - 00001113 _____ () C:\Users\****\Desktop\Continue VuuPC Installation.lnk
2014-07-21 20:07 - 2014-08-17 12:08 - 00000000 ____D () C:\Users\****\AppData\Local\fst_de_110
2014-07-21 20:07 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\Desktop\spiele
2014-07-21 20:07 - 2014-07-21 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\fst_de_110
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\di9BlockAndSurf
2014-07-21 20:07 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\dlg
2014-07-21 20:04 - 2014-07-21 20:04 - 00000000 ____D () C:\Games
2014-07-21 20:01 - 2014-07-26 10:47 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-21 20:01 - 2014-07-21 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-21 19:59 - 2014-07-21 19:59 - 00000000 ____D () C:\Users\****\AppData\Local\CrashRpt
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\RapidSolution
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\Program Files (x86)\Audials
2014-07-21 19:56 - 2014-08-17 12:10 - 00001462 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00003814 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00003132 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00002286 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00001428 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user.job
2014-07-21 19:56 - 2014-08-17 12:05 - 00001412 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.job
2014-07-21 19:56 - 2014-08-17 12:04 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1.job
2014-07-21 19:56 - 2014-08-17 12:04 - 00001324 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.job
2014-07-21 19:56 - 2014-08-17 12:04 - 00000926 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-21 19:56 - 2014-07-26 19:44 - 00000000 ____D () C:\Users\****\AppData\Roaming\VOPackage
2014-07-21 19:56 - 2014-07-21 19:56 - 00006818 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11
2014-07-21 19:56 - 2014-07-21 19:56 - 00006136 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3
2014-07-21 19:56 - 2014-07-21 19:56 - 00005290 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1
2014-07-21 19:56 - 2014-07-21 19:56 - 00004466 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7
2014-07-21 19:56 - 2014-07-21 19:56 - 00004416 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5
2014-07-21 19:56 - 2014-07-21 19:56 - 00004328 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2
2014-07-21 19:56 - 2014-07-21 19:56 - 00003666 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\RapidSolution
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\globalUpdate
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.1
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-21 19:55 - 2014-07-21 19:55 - 00471584 _____ () C:\Users\****\Downloads\soft32_Counter Strike_1.0.exe
2014-07-20 22:51 - 2014-07-20 22:51 - 00000000 ____D () C:\Users\****\AppData\Roaming\Need for Speed World
2014-07-20 22:22 - 2014-07-20 22:22 - 00000000 ____D () C:\Users\****\AppData\Local\Electronic_Arts_Inc
2014-07-20 22:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-07-20 22:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-07-20 22:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-07-20 22:21 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-07-20 22:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-07-20 22:21 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-07-20 22:20 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-07-20 22:20 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-07-20 22:20 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-07-20 22:20 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-07-20 22:20 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-07-20 22:20 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-07-20 22:20 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-20 22:20 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-07-20 22:20 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-07-20 22:20 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-07-20 22:20 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-07-20 22:20 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-07-20 22:20 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-07-20 22:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2014-07-20 22:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-07-20 22:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-07-20 22:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-07-20 22:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2014-07-20 22:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-07-20 22:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-07-20 22:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-07-20 22:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-07-20 22:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2014-07-20 22:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2014-07-20 22:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2014-07-20 22:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2014-07-20 22:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2014-07-20 22:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2014-07-20 22:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2014-07-20 22:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2014-07-20 22:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2014-07-20 22:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2014-07-20 22:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2014-07-20 22:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2014-07-20 22:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2014-07-20 22:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2014-07-20 22:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2014-07-20 22:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2014-07-20 22:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2014-07-20 22:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2014-07-20 22:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2014-07-20 22:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2014-07-20 22:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2014-07-20 22:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2014-07-20 22:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2014-07-20 22:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2014-07-20 22:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-07-20 22:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-07-20 22:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2014-07-20 22:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2014-07-20 22:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2014-07-20 22:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2014-07-20 22:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2014-07-20 22:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2014-07-20 22:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2014-07-20 22:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2014-07-20 22:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2014-07-20 22:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2014-07-20 22:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2014-07-20 22:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-07-20 22:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2014-07-20 22:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2014-07-20 22:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2014-07-20 22:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2014-07-20 22:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2014-07-20 22:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2014-07-20 22:18 - 2014-07-20 22:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-07-20 22:18 - 2014-07-20 22:20 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-07-20 22:18 - 2014-07-20 22:18 - 05006472 _____ (Electronic Arts ) C:\Users\****\Downloads\setup_659.exe
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-20 20:29 - 2014-07-20 20:31 - 00000000 ____D () C:\Users\****\AppData\Roaming\fltk.org
2014-07-20 20:29 - 2014-07-20 20:29 - 00000000 ____D () C:\ProgramData\fltk.org
2014-07-20 20:28 - 2014-07-20 20:31 - 00000000 ____D () C:\Users\****\AppData\Roaming\flightgear.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-07-20 20:27 - 2014-07-20 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear 3.0.0
2014-07-20 20:22 - 2014-07-20 20:22 - 00000000 ____D () C:\Program Files\FlightGear
2014-07-20 19:59 - 2014-07-20 20:21 - 1062570539 _____ (The FlightGear Team ) C:\Users\****\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-07-20 18:48 - 2014-07-26 15:50 - 00000000 ____D () C:\Users\****\Documents\TmForever
2014-07-20 18:48 - 2014-07-20 22:20 - 00095405 _____ () C:\WINDOWS\DirectX.log
2014-07-20 18:48 - 2014-07-20 18:58 - 00000000 ____D () C:\ProgramData\TmForever
2014-07-20 18:48 - 2014-07-20 18:48 - 00001135 _____ () C:\Users\****\Desktop\TmNationsForever.lnk
2014-07-20 18:48 - 2014-07-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
2014-07-20 18:48 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2014-07-20 18:48 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2014-07-20 18:48 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2014-07-20 18:48 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2014-07-20 18:48 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2014-07-20 18:48 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2014-07-20 18:48 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2014-07-20 18:48 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2014-07-20 18:48 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2014-07-20 18:48 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2014-07-20 18:48 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2014-07-20 18:48 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2014-07-20 18:48 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2014-07-20 18:48 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2014-07-20 18:48 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2014-07-20 18:48 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2014-07-20 18:48 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2014-07-20 18:48 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2014-07-20 18:48 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2014-07-20 18:48 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2014-07-20 18:48 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2014-07-20 18:48 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2014-07-20 18:48 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2014-07-20 18:48 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2014-07-20 18:47 - 2014-07-20 18:48 - 00000000 ____D () C:\Program Files (x86)\TmNationsForever
2014-07-20 18:39 - 2014-07-20 18:46 - 530600781 _____ () C:\Users\****\Downloads\tmnationsforever_setup.exe
2014-07-20 17:56 - 2014-07-20 17:56 - 00000000 ____D () C:\Users\****\AppData\Local\Skype
2014-07-20 17:55 - 2014-07-30 23:21 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Users\****\AppData\Roaming\OpenCandy
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-20 17:53 - 2014-07-20 17:54 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-07-20 17:53 - 2014-07-20 17:53 - 02876504 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO5.exe
2014-07-18 20:50 - 2014-07-18 20:50 - 00072244 _____ () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911@www.torrent.to.torrent
2014-07-18 20:17 - 2014-08-17 12:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 20:17 - 2014-07-18 20:17 - 01141680 _____ () C:\Users\****\Downloads\SteamSetup.exe
2014-07-18 20:17 - 2014-07-18 20:17 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-18 20:17 - 2014-07-18 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-18 20:09 - 2014-07-20 17:01 - 00000000 ____D () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911
2014-07-18 20:03 - 2014-07-18 20:03 - 00000000 ____D () C:\Users\****\AppData\Roaming\PowerISO
2014-07-18 20:02 - 2014-07-20 17:54 - 00001040 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-07-18 20:02 - 2014-06-27 08:59 - 00131856 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2014-07-18 20:01 - 2014-07-18 20:05 - 00000000 ____D () C:\Users\****\Downloads\Best of Starvation Bundle
2014-07-18 20:01 - 2014-07-18 20:01 - 02790064 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO6-x64.exe
2014-07-18 20:01 - 2014-07-18 20:01 - 00000000 ____D () C:\Users\****\AppData\Local\SearchProtect
2014-07-18 20:00 - 2014-07-18 20:00 - 00000891 _____ () C:\Users\****\Desktop\BitTorrent.lnk
2014-07-18 20:00 - 2014-07-18 20:00 - 00000871 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-18 19:59 - 2014-07-26 02:17 - 00000000 ____D () C:\Users\****\AppData\Roaming\BitTorrent
2014-07-18 19:59 - 2014-07-18 19:59 - 01913432 _____ (BitTorrent Inc.) C:\Users\****\Downloads\BitTorrent.exe
2014-07-18 19:53 - 2014-08-17 12:09 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 19:53 - 2014-07-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-18 19:52 - 2014-08-17 12:10 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 19:52 - 2014-07-30 23:57 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-18 19:52 - 2014-07-18 19:53 - 00000000 ____D () C:\Users\****\AppData\Local\Google
2014-07-18 19:52 - 2014-07-18 19:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-18 19:52 - 2014-07-18 19:52 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-18 19:52 - 2014-07-18 19:52 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 19:51 - 2014-07-18 19:52 - 00000000 ____D () C:\Users\****\AppData\Local\Deployment
2014-07-18 19:51 - 2014-07-18 19:51 - 00000000 ____D () C:\Users\****\AppData\Local\Apps\2.0

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 12:35 - 2014-08-17 12:35 - 00027866 _____ () C:\Users\****\Desktop\FRST.txt
2014-08-17 12:35 - 2014-08-17 12:34 - 00000000 ____D () C:\FRST
2014-08-17 12:35 - 2013-08-22 15:25 - 00000194 _____ () C:\WINDOWS\win.ini
2014-08-17 12:34 - 2014-08-17 12:34 - 02101760 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-08-17 12:34 - 2014-05-20 14:42 - 01436563 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ___HD () C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}
2014-08-17 12:28 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-17 12:26 - 2014-07-04 16:19 - 00000000 ____D () C:\Users\****\AppData\Roaming\Spotify
2014-08-17 12:23 - 2014-07-04 14:34 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86D879C6-5202-4857-B4A1-0B266A8258D8}
2014-08-17 12:21 - 2014-07-18 20:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-17 12:19 - 2014-08-17 12:19 - 00000474 _____ () C:\Users\****\Desktop\defogger_disable.log
2014-08-17 12:19 - 2014-08-17 12:19 - 00000000 _____ () C:\Users\****\defogger_reenable
2014-08-17 12:19 - 2014-07-04 20:11 - 00000000 ____D () C:\Users\****
2014-08-17 12:18 - 2014-08-17 12:18 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 12:18 - 2014-07-04 20:17 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3841687710-1451113179-3550632674-1002
2014-08-17 12:17 - 2014-08-17 12:17 - 00050477 _____ () C:\Users\****\Downloads\Defogger.exe
2014-08-17 12:15 - 2013-08-22 16:46 - 00032045 _____ () C:\WINDOWS\setupact.log
2014-08-17 12:13 - 2014-08-17 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-17 12:13 - 2014-05-20 16:06 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-08-17 12:10 - 2014-07-21 19:56 - 00001462 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7.job
2014-08-17 12:10 - 2014-07-18 19:52 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 12:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-17 12:09 - 2014-07-18 19:53 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-17 12:08 - 2014-07-21 20:07 - 00000000 ____D () C:\Users\****\AppData\Local\fst_de_110
2014-08-17 12:06 - 2014-07-04 20:11 - 00000000 ____D () C:\Users\****\AppData\Local\Pokki
2014-08-17 12:05 - 2014-07-21 19:56 - 00003814 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00003132 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00002286 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00001428 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user.job
2014-08-17 12:05 - 2014-07-21 19:56 - 00001412 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.job
2014-08-17 12:05 - 2014-07-04 20:15 - 00002135 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2014-08-17 12:04 - 2014-07-21 19:56 - 00001526 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1.job
2014-08-17 12:04 - 2014-07-21 19:56 - 00001324 _____ () C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.job
2014-08-17 12:04 - 2014-07-21 19:56 - 00000926 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-17 12:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-17 12:02 - 2014-08-17 12:02 - 00139488 _____ () C:\WINDOWS\SysWOW64\XMLOperations.xml
2014-08-17 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-30 23:57 - 2014-07-18 19:52 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 23:21 - 2014-07-20 17:55 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2014-07-29 18:34 - 2014-07-04 16:20 - 00000000 ____D () C:\Users\****\AppData\Local\Spotify
2014-07-26 19:44 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Roaming\VOPackage
2014-07-26 15:50 - 2014-07-20 18:48 - 00000000 ____D () C:\Users\****\Documents\TmForever
2014-07-26 15:25 - 2014-07-22 20:35 - 00001113 _____ () C:\Users\****\Desktop\Continue VuuPC Installation.lnk
2014-07-26 10:47 - 2014-07-21 20:01 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-26 10:46 - 2014-07-26 10:45 - 00000000 ____D () C:\Users\****\Documents\PCSpeedUp
2014-07-26 10:42 - 2014-05-21 00:27 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-26 10:42 - 2014-05-21 00:27 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-26 10:42 - 2013-10-07 20:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-26 10:37 - 2014-05-20 16:04 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-26 10:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-26 10:36 - 2014-07-25 20:26 - 00000000 ____D () C:\Program Files (x86)\UpperFind
2014-07-26 10:36 - 2013-10-07 20:23 - 00007830 _____ () C:\WINDOWS\PFRO.log
2014-07-26 02:17 - 2014-07-18 19:59 - 00000000 ____D () C:\Users\****\AppData\Roaming\BitTorrent
2014-07-26 02:17 - 2014-05-20 16:13 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-07-26 02:17 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 20:25 - 2014-07-25 20:25 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-07-25 20:20 - 2014-07-25 20:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-07-25 20:06 - 2014-07-25 20:06 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-07-25 20:06 - 2014-07-04 20:16 - 00000000 ____D () C:\Users\****\AppData\Local\LSC
2014-07-25 20:06 - 2014-05-20 16:13 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-25 20:06 - 2014-05-20 16:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-07-25 20:06 - 2014-05-20 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-07-25 20:06 - 2014-05-20 15:29 - 00000000 ____D () C:\Program Files\Lenovo
2014-07-25 20:04 - 2014-05-20 16:08 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-07-25 18:49 - 2014-05-20 16:04 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-07-25 18:48 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-23 22:46 - 2014-05-20 16:14 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-07-22 22:07 - 2014-07-22 20:36 - 00002675 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-22 22:07 - 2014-07-22 20:36 - 00002628 _____ () C:\Users\****\Desktop\Search.lnk
2014-07-22 20:37 - 2014-07-22 20:36 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\Smartbar
2014-07-22 20:36 - 2014-07-22 20:36 - 00000000 ____D () C:\Users\****\AppData\Local\LPT
2014-07-22 20:36 - 2014-07-21 20:07 - 00000000 ____D () C:\Users\****\Desktop\spiele
2014-07-21 20:07 - 2014-07-21 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\fst_de_110
2014-07-21 20:07 - 2014-07-21 20:07 - 00000000 ____D () C:\Program Files (x86)\di9BlockAndSurf
2014-07-21 20:07 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-07-21 20:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-07-21 20:05 - 2014-07-21 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\dlg
2014-07-21 20:04 - 2014-07-21 20:04 - 00000000 ____D () C:\Games
2014-07-21 20:01 - 2014-07-21 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 20:00 - 2014-07-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-21 19:59 - 2014-07-21 19:59 - 00000000 ____D () C:\Users\****\AppData\Local\CrashRpt
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\RapidSolution
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2014-07-21 19:58 - 2014-07-21 19:58 - 00000000 ____D () C:\Program Files (x86)\Audials
2014-07-21 19:56 - 2014-07-21 19:56 - 00006818 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11
2014-07-21 19:56 - 2014-07-21 19:56 - 00006136 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3
2014-07-21 19:56 - 2014-07-21 19:56 - 00005290 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6
2014-07-21 19:56 - 2014-07-21 19:56 - 00004530 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1
2014-07-21 19:56 - 2014-07-21 19:56 - 00004466 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7
2014-07-21 19:56 - 2014-07-21 19:56 - 00004416 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5
2014-07-21 19:56 - 2014-07-21 19:56 - 00004328 _____ () C:\WINDOWS\System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2
2014-07-21 19:56 - 2014-07-21 19:56 - 00003666 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\RapidSolution
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Users\****\AppData\Local\globalUpdate
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.1
2014-07-21 19:56 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-21 19:55 - 2014-07-21 19:55 - 00471584 _____ () C:\Users\****\Downloads\soft32_Counter Strike_1.0.exe
2014-07-20 22:51 - 2014-07-20 22:51 - 00000000 ____D () C:\Users\****\AppData\Roaming\Need for Speed World
2014-07-20 22:22 - 2014-07-20 22:22 - 00000000 ____D () C:\Users\****\AppData\Local\Electronic_Arts_Inc
2014-07-20 22:21 - 2014-07-20 22:18 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-07-20 22:20 - 2014-07-20 22:18 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-07-20 22:20 - 2014-07-20 18:48 - 00095405 _____ () C:\WINDOWS\DirectX.log
2014-07-20 22:18 - 2014-07-20 22:18 - 05006472 _____ (Electronic Arts ) C:\Users\****\Downloads\setup_659.exe
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-20 22:18 - 2014-07-20 22:18 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-20 20:31 - 2014-07-20 20:29 - 00000000 ____D () C:\Users\****\AppData\Roaming\fltk.org
2014-07-20 20:31 - 2014-07-20 20:28 - 00000000 ____D () C:\Users\****\AppData\Roaming\flightgear.org
2014-07-20 20:29 - 2014-07-20 20:29 - 00000000 ____D () C:\ProgramData\fltk.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-07-20 20:28 - 2014-07-20 20:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-07-20 20:27 - 2014-07-20 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear 3.0.0
2014-07-20 20:22 - 2014-07-20 20:22 - 00000000 ____D () C:\Program Files\FlightGear
2014-07-20 20:21 - 2014-07-20 19:59 - 1062570539 _____ (The FlightGear Team ) C:\Users\****\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-07-20 18:58 - 2014-07-20 18:48 - 00000000 ____D () C:\ProgramData\TmForever
2014-07-20 18:48 - 2014-07-20 18:48 - 00001135 _____ () C:\Users\****\Desktop\TmNationsForever.lnk
2014-07-20 18:48 - 2014-07-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
2014-07-20 18:48 - 2014-07-20 18:47 - 00000000 ____D () C:\Program Files (x86)\TmNationsForever
2014-07-20 18:46 - 2014-07-20 18:39 - 530600781 _____ () C:\Users\****\Downloads\tmnationsforever_setup.exe
2014-07-20 17:56 - 2014-07-20 17:56 - 00000000 ____D () C:\Users\****\AppData\Local\Skype
2014-07-20 17:56 - 2014-07-04 20:12 - 00000000 ____D () C:\Users\****\AppData\Local\VirtualStore
2014-07-20 17:55 - 2014-07-20 17:55 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Skype
2014-07-20 17:55 - 2014-07-20 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Users\****\AppData\Roaming\OpenCandy
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-20 17:54 - 2014-07-20 17:53 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-07-20 17:54 - 2014-07-18 20:02 - 00001040 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-07-20 17:53 - 2014-07-20 17:53 - 02876504 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO5.exe
2014-07-20 17:01 - 2014-07-18 20:09 - 00000000 ____D () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911
2014-07-18 20:50 - 2014-07-18 20:50 - 00072244 _____ () C:\Users\****\Downloads\Grand.Theft.Auto.IV-Razor1911@www.torrent.to.torrent
2014-07-18 20:17 - 2014-07-18 20:17 - 01141680 _____ () C:\Users\****\Downloads\SteamSetup.exe
2014-07-18 20:17 - 2014-07-18 20:17 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-18 20:17 - 2014-07-18 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-18 20:05 - 2014-07-18 20:01 - 00000000 ____D () C:\Users\****\Downloads\Best of Starvation Bundle
2014-07-18 20:03 - 2014-07-18 20:03 - 00000000 ____D () C:\Users\****\AppData\Roaming\PowerISO
2014-07-18 20:01 - 2014-07-18 20:01 - 02790064 _____ (Power Software Ltd) C:\Users\****\Downloads\PowerISO6-x64.exe
2014-07-18 20:01 - 2014-07-18 20:01 - 00000000 ____D () C:\Users\****\AppData\Local\SearchProtect
2014-07-18 20:00 - 2014-07-18 20:00 - 00000891 _____ () C:\Users\****\Desktop\BitTorrent.lnk
2014-07-18 20:00 - 2014-07-18 20:00 - 00000871 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-18 19:59 - 2014-07-18 19:59 - 01913432 _____ (BitTorrent Inc.) C:\Users\****\Downloads\BitTorrent.exe
2014-07-18 19:53 - 2014-07-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-18 19:53 - 2014-07-18 19:52 - 00000000 ____D () C:\Users\****\AppData\Local\Google
2014-07-18 19:53 - 2014-07-18 19:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-18 19:52 - 2014-07-18 19:52 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-18 19:52 - 2014-07-18 19:52 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 19:52 - 2014-07-18 19:51 - 00000000 ____D () C:\Users\****\AppData\Local\Deployment
2014-07-18 19:51 - 2014-07-18 19:51 - 00000000 ____D () C:\Users\****\AppData\Local\Apps\2.0

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\air5493.exe
C:\Users\****\AppData\Local\Temp\airA3D.exe
C:\Users\****\AppData\Local\Temp\airAA96.exe
C:\Users\****\AppData\Local\Temp\airADE2.exe
C:\Users\****\AppData\Local\Temp\nsc847F.exe
C:\Users\****\AppData\Local\Temp\nsgF20A.exe
C:\Users\****\AppData\Local\Temp\nslFD5A.exe
C:\Users\****\AppData\Local\Temp\nsoF1DA.exe
C:\Users\****\AppData\Local\Temp\nspD582.exe
C:\Users\****\AppData\Local\Temp\nspFA6B.exe
C:\Users\****\AppData\Local\Temp\nsq7F5E.exe
C:\Users\****\AppData\Local\Temp\nsqCC2A.exe
C:\Users\****\AppData\Local\Temp\nssF4BB.exe
C:\Users\****\AppData\Local\Temp\nsu9A52.exe
C:\Users\****\AppData\Local\Temp\oct6C36.tmp.exe
C:\Users\****\AppData\Local\Temp\ShoppinH2.exe
C:\Users\****\AppData\Local\Temp\sp-downloader.exe
C:\Users\****\AppData\Local\Temp\SPSetup.exe
C:\Users\****\AppData\Local\Temp\tmp3BE8.exe
C:\Users\****\AppData\Local\Temp\utt364B.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 16:46

==================== End Of Log ============================
Der Rest kommt im zweiten Post, wäre sonst zu lang geworden.

anonym2 17.08.2014 12:24
Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by **** at 2014-08-17 12:36:13
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
Audials (HKLM-x32\...\{DA6EBFC9-8869-4B61-8D38-2668A395C5B0}) (Version: 11.0.54400.0 - Audials AG)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32355 - BitTorrent Inc.)
BlockAndSurf (HKLM-x32\...\14B128CB-7512-6580-5764-7AEBD4390FC0) (Version:  - BlockAndSurf-software) <==== ATTENTION
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink MediaStory (x32 Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
FlightGear v3.0.0 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)
FreeSoftToday 014.110 (HKLM-x32\...\fst_de_110_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6490.0 - IDT)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.5.1000 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.926.1 - Vimicro)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Web Start (HKCU\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{56232F31-556D-4ABB-A039-58193778A627}) (Version: 4.2.0.4 - The Document Foundation)
LibreOffice 4.2.0.4 (HKLM-x32\...\{E043231F-34F2-4AF5-9400-0961CC15AAAE}) (Version: 4.2.0.4 - The Document Foundation)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.659 - Electronic Arts)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.14 (Version: 9.3.14 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.14 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC Speed Up (HKLM\...\PCSU-SL_is1) (Version: 3.6.1.0 - Speedchecker Limited)
Plus-HD-9.1 (HKLM-x32\...\Plus-HD-9.1) (Version: 1.34.7.1 - Plus HD) <==== ATTENTION
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.10.61 - Client Connect LTD) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{0cc5cc23-4ebb-462a-85ae-f3bb91e618b7}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software Updater version 1.9.4 (HKLM-x32\...\Software Updater_is1) (Version: 1.9.4 - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Start Menu (HKCU\...\Pokki) (Version: 0.269.2.430 - Pokki)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
UpperFind (HKLM\...\UpperFind) (Version: 2014.07.25.142836 - UpperFind)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED) <==== ATTENTION
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-07-2014 11:08:24 Geplanter Prüfpunkt
21-07-2014 17:57:33 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
25-07-2014 18:05:20 Installed Lenovo Solution Center.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F6F9A1A-A3B7-4F98-90E5-3C1717FEF5A2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {12037548-288F-494B-835D-6FA95217C97D} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {148A3004-26E1-4CD4-ACE7-9904E076F2D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {243546A3-7990-4EF0-9FCC-E78EBD5F22CB} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {292B3B79-ACBC-40E7-A59E-4362DB42ED4B} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe [2014-07-21] (Plus HD)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E709391-2BCC-49A5-90A7-A9F90A42126A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B85BF54-36A1-49F2-980A-E831B86A877A} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-nova.exe [2014-07-21] (Plus HD)
Task: {3B9EAE9A-6241-4035-9688-68203971319A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {443537E9-F9E9-4910-9AF0-50DD9FDC7DD6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {46E97D05-2BCB-468E-B91F-E6A75CFE428F} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe [2014-07-21] (Plus HD)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C510E3F-5CC8-4198-8777-89926EF8FEF6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {5A3313D8-D9E5-4D8B-99FD-7D63B44F6A99} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {5AA1EA50-E62D-4D47-9046-5CA016B403FD} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-10-14] (Maxthon International ltd.)
Task: {63A1F9F8-670C-4CB8-AC5C-9AD5D24DE6C8} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.exe [2014-07-21] (Plus HD)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75C383DA-F607-498B-9864-EFCA1C031B18} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.exe [2014-07-21] (Plus HD)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A4E427F-9EB0-4897-9D5E-C8FC1026F8A1} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe [2014-07-21] (Plus HD)
Task: {7B65C20E-CDFE-486F-B861-861D0D075FE9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8ED5F765-468E-41D5-905B-13B2765ED24C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {92312BF6-DD9D-4CB0-8DB2-779DAEA49921} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {9FF17F1E-6DAB-448A-B407-B0F5EE621E41} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe [2014-07-21] (Plus HD)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A58153E6-D8D7-49F4-81D7-D3D8DD2CDBED} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {A5D165BA-5DAD-47F1-AD4A-1814DA5C05FD} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-21] (globalUpdate)
Task: {CED832EB-75B3-4A0E-BFB9-8EBE7222DA61} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DF1744AD-EBD8-4902-B806-E3EE8F8DA407} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {E60DAE37-5134-49BD-BFB2-ABF843D38BB7} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.exe [2014-07-21] (Plus HD)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EC56123E-E776-43AB-9A2E-EACB793D153B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F2F5204C-167E-454B-8D47-260B87682082} - System32\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4 => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.exe [2014-07-21] (Plus HD)
Task: {F329F74F-DAD0-49F4-A4C6-45DA848A84AC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {F647D0C9-D28D-4C7A-86F5-6037228E1B17} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-1.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5_user.job => C:\Program Files (x86)\Plus-HD-9.1\590bb23f-9df4-4da4-8066-fab06d5a0bbf-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-6.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\590bb23f-9df4-4da4-8066-fab06d5a0bbf-7.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-nova.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-21 20:01 - 2014-07-03 07:35 - 00430888 _____ () C:\Program Files (x86)\PC Speed Up\PCSUService.exe
2013-09-04 20:13 - 2013-09-04 20:13 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00034336 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-05-20 16:07 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-07-21 19:56 - 2014-07-21 19:56 - 00071680 _____ () C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe
2014-06-16 14:21 - 2014-06-16 14:21 - 00036384 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-05-20 16:13 - 2014-05-20 16:13 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-05-20 16:13 - 2014-05-20 16:13 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00024608 _____ () C:\Program Files (x86)\LPT\srptm.exe
2014-07-23 16:32 - 2014-07-25 20:26 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-07-23 16:32 - 2014-07-25 20:26 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-21 20:07 - 2014-07-21 14:51 - 03320800 _____ () C:\Users\****\AppData\Local\fst_de_110\upfst_de_110.exe
2014-06-11 17:31 - 2014-06-11 17:31 - 02208520 _____ () C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
2014-07-21 20:07 - 2014-07-21 14:51 - 03975136 _____ () C:\Program Files (x86)\fst_de_110\fst_de_110.exe
2014-07-21 20:07 - 2014-07-21 20:07 - 00130560 _____ () C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe
2014-07-04 16:20 - 2014-07-07 19:15 - 00601144 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-16 14:18 - 2014-06-16 14:18 - 00025120 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-25 16:28 - 2014-08-17 12:31 - 00323312 _____ () C:\Program Files (x86)\UpperFind\updateUpperFind.exe
2014-07-25 21:30 - 2014-08-17 12:34 - 00323312 _____ () C:\Program Files (x86)\UpperFind\bin\utilUpperFind.exe
2014-07-25 21:31 - 2014-07-29 15:39 - 00286960 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe
2014-07-21 20:01 - 2014-07-03 07:35 - 00585600 _____ () C:\Program Files (x86)\PC Speed Up\sqlite3.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00044064 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00060960 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-05-20 15:25 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00078368 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067616 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00157216 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00028704 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00167456 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047648 _____ () C:\Program Files (x86)\LPT\srbu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026656 _____ () C:\Program Files (x86)\LPT\srpdm.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00028192 _____ () C:\Program Files (x86)\LPT\ProxySettings.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047136 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00054304 _____ () C:\Program Files (x86)\LPT\Proxy.Lib.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00029216 _____ () C:\Program Files (x86)\LPT\sreu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00055840 _____ () C:\Program Files (x86)\LPT\srprl.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00050208 _____ () C:\Program Files (x86)\LPT\lrrot.dll
2014-07-23 16:32 - 2014-07-25 20:26 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-07-04 16:20 - 2014-07-07 19:15 - 36966968 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\libcef.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00046080 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_thread-vc90-mt-1_39.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00045056 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_date_time-vc90-mt-1_39.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00068360 _____ () C:\Program Files (x86)\Audials\Audials 11\CrashRpt.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00409352 _____ () C:\Program Files (x86)\Audials\Audials 11\SQLite3.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00545032 _____ () C:\Program Files (x86)\Audials\Audials 11\StreamingClient.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00614912 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_regex-vc90-mt-1_39.dll
2014-06-11 17:31 - 2014-06-11 17:31 - 00012800 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_system-vc90-mt-1_39.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00283136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\b1b0ada49bd510acb11cff9dcefc34cc\Utils.ni.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00582656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\6bb51b5339df42f85481cf4a2dae1812\ManagedInterfaces.ni.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00174592 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\1c10c85d1fe7c70d10f088694a0a6a9a\fastJSON.ni.dll
2014-07-21 19:59 - 2014-07-21 19:59 - 00507392 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\2e588088757572d871eead30658adb0a\RSControls.ni.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00046624 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00071712 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srau.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00167456 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 02337824 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00068640 _____ () C:\Users\****\AppData\Local\Smartbar\Application\spbl.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00157216 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00015904 _____ () C:\Users\****\AppData\Local\Smartbar\Application\siem.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067616 _____ () C:\Users\****\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00698400 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00016416 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00080416 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00028704 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00060960 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srut.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00031264 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067104 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00151072 _____ () C:\Users\****\AppData\Local\Smartbar\Application\smti.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032800 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srom.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032288 _____ () C:\Users\****\AppData\Local\Smartbar\Application\smtu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00040992 _____ () C:\Users\****\AppData\Local\Smartbar\Application\smta.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047648 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srbu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026144 _____ () C:\Users\****\AppData\Local\Smartbar\Application\sgml.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00063520 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026656 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00045088 _____ () C:\Users\****\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-16 14:10 - 2014-06-16 14:10 - 00026656 _____ () C:\Users\****\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00036896 _____ () C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00194592 _____ () C:\Users\****\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 11:21 - 2014-05-12 11:21 - 00061440 _____ () C:\Users\****\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00257056 _____ () C:\Users\****\AppData\Local\Smartbar\Application\srns.dll
2014-07-07 19:15 - 2014-07-07 19:15 - 00867896 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-04 16:20 - 2014-07-07 19:15 - 00886840 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-07-04 16:20 - 2014-07-07 19:15 - 00108600 _____ () C:\Users\****\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00569856 _____ () C:\Users\****\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 01400846 _____ () C:\Users\****\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00151054 _____ () C:\Users\****\AppData\Local\Pokki\Engine\avutil-51.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00222734 _____ () C:\Users\****\AppData\Local\Pokki\Engine\avformat-54.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00101408 _____ () C:\Users\****\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
2014-07-21 20:07 - 2014-07-21 20:07 - 00195072 _____ () C:\Program Files (x86)\di9BlockAndSurf\176.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00142368 _____ () C:\Users\****\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
2014-08-17 12:35 - 2014-08-15 12:12 - 00240128 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFindDsp.dll
2014-07-25 21:31 - 2014-08-17 11:41 - 00096496 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFind.BrowserAdapter.exe
2014-06-16 14:18 - 2014-06-16 14:18 - 00317984 _____ () C:\Program Files (x86)\LPT\Resources\ntdis_32.dll
2014-07-25 21:31 - 2014-08-17 11:41 - 00195312 _____ () C:\Program Files (x86)\UpperFind\bin\UpperFindBAApp.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-17 12:09 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00034848 _____ () C:\Users\****\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2014 00:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/17/2014 00:30:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/17/2014 00:22:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ac4

Startzeit: 01cfba03d624ab39

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID: 57efd37c-25f8-11e4-825a-2025648809c8

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/17/2014 00:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/17/2014 00:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (07/26/2014 10:55:20 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/21/2014 08:11:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0x215c
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5

Error: (07/21/2014 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0x21e8
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5

Error: (07/21/2014 08:11:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0xd04
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5

Error: (07/21/2014 08:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl.exe, Version: 1.1.1.1, Zeitstempel: 0x48feaf5a
Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4aa7bb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000268d3
ID des fehlerhaften Prozesses: 0x16f0
Startzeit der fehlerhaften Anwendung: 0xhl.exe0
Pfad der fehlerhaften Anwendung: hl.exe1
Pfad des fehlerhaften Moduls: hl.exe2
Berichtskennung: hl.exe3
Vollständiger Name des fehlerhaften Pakets: hl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl.exe5


System errors:
=============
Error: (08/17/2014 00:19:20 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/17/2014 00:19:20 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/17/2014 00:10:37 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/29/2014 07:37:48 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/29/2014 07:21:38 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/29/2014 07:10:17 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/29/2014 06:52:51 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/29/2014 06:52:21 PM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/27/2014 03:02:52 AM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/27/2014 03:02:22 AM) (Source: DCOM) (EventID: 10010) (User: ****PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (08/17/2014 00:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (08/17/2014 00:30:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (08/17/2014 00:22:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17126ac401cfba03d624ab394294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE57efd37c-25f8-11e4-825a-2025648809c8

Error: (08/17/2014 00:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (08/17/2014 00:06:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30jscript9.dll11.0.9600.1720753a217f1c000000500008737

Error: (07/26/2014 10:55:20 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/21/2014 08:11:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d3215c01cfa50f3749c90fC:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll750d76c8-1102-11e4-8259-342387f9c098

Error: (07/21/2014 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d321e801cfa50f314a2cc5C:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll6f0c009a-1102-11e4-8259-342387f9c098

Error: (07/21/2014 08:11:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d3d0401cfa50f2eed66bcC:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll6caf7355-1102-11e4-8259-342387f9c098

Error: (07/21/2014 08:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl.exe1.1.1.148feaf5asteamclient.dll0.0.0.04aa7bb95c0000417000268d316f001cfa50f13abfbd0C:\Games\Counter-Strike\hl.exec:\games\counter-strike\steamclient.dll517166e9-1102-11e4-8259-342387f9c098


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8116.27 MB
Available physical RAM: 3643.56 MB
Total Pagefile: 16820.27 MB
Available Pagefile: 12329.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.26 GB) (Free:356.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.9 GB) NTFS
Drive e: (PUBLIC_ENEMIES) (CDROM) (Total:6.96 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9440B80C)

Partition: GPT Partition Type.

==================== End Of Log ============================
GMER:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-17 12:53:18
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000036 ST500LT012-1DG142 rev.0002LVM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\****\AppData\Local\Temp\kwtdqpod.sys


---- User code sections - GMER 2.1 ----

.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                          00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                          00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                              00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[9192] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                              00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                                  00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                                  00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                    00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\Explorer.EXE[6748] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                    00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                            00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                            00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                              00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4124] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                              00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                        00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                        00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                            00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7132] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                            00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                    00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                    00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                      00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                      00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                                                                          00007ff8914c1f6a 4 bytes [4C, 91, F8, 7F]
.text    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3892] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                                                                          00007ff8914c1f82 4 bytes [4C, 91, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                  00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[5224] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                  00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                                      00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                                      00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                                        00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\mcvulctr.exe[7928] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                                        00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                                      00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                                      00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                                          00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    c:\PROGRA~1\mcafee\vul\MCVULA~2.EXE[616] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                                          00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                          00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                          00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                              00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files (x86)\UpperFind\bin\UpperFind.PurBrowse64.exe[7552] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                              00007ff897bf1832 4 bytes [BF, 97, F8, 7F]
.text    C:\WINDOWS\SysWOW64\rundll32.exe[10140] C:\Program Files (x86)\UpperFind\bin\UpperFindDsp.dll!Enum + 1                                                                                                                                0000000070c61001 4 bytes [DB, FF, D3, 91]
.text    C:\WINDOWS\SysWOW64\rundll32.exe[10140] C:\Program Files (x86)\UpperFind\bin\UpperFindDsp.dll!Enum + 6                                                                                                                                0000000070c61006 4 bytes {JMP 0xffffffff91d3586b}
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                            00007ff897bf169a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                            00007ff897bf16a2 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                              00007ff897bf181a 4 bytes [BF, 97, F8, 7F]
.text    C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3496] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                              00007ff897bf1832 4 bytes [BF, 97, F8, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [5740:7116]                                                                                                                                                                                            fffff960009a5b90
Thread  C:\WINDOWS\SysWOW64\rundll32.exe [10140:8956]                                                                                                                                                                                        00000000029a4c20
---- Processes - GMER 2.1 ----

Process  C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe (*** suspicious ***) @ C:\Users\****\AppData\Roaming\VOPackage\VOsrv.exe [2492](2014-07-21 17:56:44)                                                                            0000000000ea0000
Library  C:\Users\****\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [3944] (Chromium/The Chromium Authors)(2014-03-20 22:40:48)                              000000005c940000
Library  C:\Users\****\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [3944] (ICU Data DLL/The ICU Project)(2014-01-17 16:32:58)                                  000000005ba50000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                    0000000004e80000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srau.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000005120000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                              0000000005140000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                        0000000005900000
Library  C:\Users\****\AppData\Local\Smartbar\Application\spbl.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000005490000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                      00000000054d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\siem.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000005550000
Library  C:\Users\****\AppData\Local\Smartbar\Application\sppsm.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                          00000000055b0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                          0000000005600000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                        0000000005cb0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                            0000000005d20000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srsbs.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                          0000000006400000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)    0000000008270000
Library  C:\Users\****\AppData\Local\Smartbar\Application\smti.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            00000000083d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srom.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000008350000
Library  C:\Users\****\AppData\Local\Smartbar\Application\smtu.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000008430000
Library  C:\Users\****\AppData\Local\Smartbar\Application\smta.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            0000000008450000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srbu.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            000000000a180000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                            000000000a1e0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\srpdm.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                          000000000a1d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\MACTrackBarLib.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                  000000000b7a0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                000000000b7d0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                            000000000b970000
Library  C:\Users\****\AppData\Local\Smartbar\Application\sgmu.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                            000000000a260000
Library  C:\Users\****\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                000000000a2e0000
Library  C:\Users\****\AppData\Local\Smartbar\Application\Interop.WMPLib.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Smartbar.exe [4584] (FILE NOT FOUND)                                                  000000000a570000
Library  C:\Users\****\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392] (Chromium/The Chromium Authors)(2014-03-20 22:40:48)                              000000005c940000
Library  C:\Users\****\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392] (ICU Data DLL/The ICU Project)(2014-01-17 16:32:58)                                  000000005ba50000
Library  C:\Users\****\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:58)                                              000000005b030000
Library  C:\Users\****\AppData\Local\Pokki\Engine\avcodec-54.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:58)                                                            000000005ae30000
Library  C:\Users\****\AppData\Local\Pokki\Engine\avutil-51.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:56)                                                            000000005c590000
Library  C:\Users\****\AppData\Local\Pokki\Engine\avformat-54.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Pokki\Engine\HostAppService.exe [6392](2014-01-17 16:32:56)                                                          000000005c470000
Library  C:\ProgramData\Windows Genuine Advantage\{661450B0-4E20-44FB-8E7C-BF52EB469422}\api-ms-win-system-d3d11ref-l1-1-0.dll (*** suspicious ***) @ C:\WINDOWS\SysWOW64\regsvr32.exe [12948] ( /Microsoft Corporation)(2014-08-17 10:18:23)  0000000050900000
Library  C:\Users\****\AppData\Local\Smartbar\Application\lrcnt.dll (*** suspicious ***) @ C:\Users\****\AppData\Local\Smartbar\Application\Lrcnta.exe [10324] (FILE NOT FOUND)                                                            0000000004950000
Library  C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_3.0.176.1_x64__bq6yxensn79aw\McCloudShim.dll (*** suspicious ***) @ C:\WINDOWS\system32\wwahost.exe [5960](2014-07-05 08:44:42)                              00007ff8902d0000

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                                                                                                                unknown MBR code

---- EOF - GMER 2.1 ----
Anmerkung: Bei dem GMER-Scan erschien zweimal der Hinweis, dass auf irgendwelche Prozesse nicht zugegriffen werden könne, weil sie schon verwendet würden (oder so ähnlich). Ich hoffe, ich habe nicht vergessen, irgendwelche laufenden Programme zu schließen während des Scans (wie in der Anleitung stand), soweit ich weiß, hatte ich alle mir bekannten laufenden Prozesse beendet. Ich hoffe, das Logfile nützt euch auch so.

Vielen Dank schonmal im Voraus!

anonym2 18.08.2014 15:40
Der Thread kann geschlossen werden, das Problem wird in einem anderen schon behandelt.

cosinus 19.08.2014 10:04
Hier gehts weiter => http://www.trojaner-board.de/157713-...n-ubliche.html


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:39 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27