Pests of all kinds and how to combat them: Recurring, unwanted programs (HEUR:Trojan.WinLNK.StartPage.gena) | Windows 7
#1

Recurring, unwanted programs (HEUR:Trojan.WinLNK.StartPage.gena)

Hello!

Since this stupid thing is slowly getting to me, I've decided it would be smarter to get expert advice ^^

Here's the situation: I have a laptop (Lenovo Y-50) on which, for the past 3 hours, I keep getting several programs that reappear again and again:

- istartsurf uninstall
- Remote Desktop Access (VuuPC)
- WindApp
- Selection Tools
- Bubble Dock

I had already gotten all of these programs except Bubble Dock a few weeks ago, after I tried to download the SUPER Converter, which by now (as of recently) also installs exactly these programs along with it... Back then I cleaned up with Avira and adwcleaner, but now they are appearing again after I wanted to read up on 9/11 and Fahrenheit 9/11 on Wikipedia...

So far I have tried to remove them again with the purchased version of Kaspersky + adwcleaner, but after 5 minutes they reappear out of nowhere (probably not completely deleted).

Please help.

FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by besti_000 (administrator) on TATI on 22-03-2015 00:22:24 Running from C:\Users\besti_000\Desktop Loaded Profiles: besti_000 (Available profiles: besti_000) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Users\besti_000\AppData\Roaming\6D414ED0-1426972148-E411-B2A0-F0761C1523A5\jnskB8E7.tmp (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (Nalpeiron Ltd.) 
C:\Windows\SysWOW64\NLSSRV32.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo) C:\Program Files\Lenovo\Onekey 
Theater\OnekeyStudio.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Valve Corporation) C:\Steam\Steam.exe (Akamai Technologies, Inc.) C:\Users\besti_000\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\besti_000\AppData\Local\Akamai\netsession_win.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Valve Corporation) C:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Steam\bin\steamwebhelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe (SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe (SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe (XTab system) C:\Program Files (x86)\XTab\HPNotify.exe () C:\Users\besti_000\AppData\Local\Temp\nsf2C4A.tmp (Nosibay) C:\Users\besti_000\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Users\besti_000\Desktop\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-06-10] (Realtek semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216576 2014-03-10] (Realtek Semiconductor Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2786032 2014-03-07] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-10-06] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-10-06] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-10-06] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Run: [Steam] => C:\Steam\steam.exe 
[2874048 2015-02-19] (Valve Corporation) HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Run: [Akamai NetSession Interface] => C:\Users\besti_000\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2015-01-18] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Run: [Bubble Dock] => C:\Users\besti_000\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe [666384 2015-03-20] (Nosibay) HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Run: [WindApp] => "C:\Users\besti_000\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Run: [Selection Tools] => C:\Users\besti_000\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe [1510160 2015-03-20] (Nosibay) ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.) ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.) ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.) ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.) 
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.istartsurf.com/web/?type=ds&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&q={searchTerms} HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&q={searchTerms} HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3779141926-2993411616-3819481465-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&ts=1426978082&type=default&q={searchTerms} SearchScopes: 
HKU\S-1-5-21-3779141926-2993411616-3819481465-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&ts=1426978082&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3779141926-2993411616-3819481465-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&ts=1426978082&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3779141926-2993411616-3819481465-1001 -> {48B28562-1674-424A-B909-341EF158D525} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&ts=1426978082&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3779141926-2993411616-3819481465-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9&ts=1426978082&type=default&q={searchTerms} BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-10] (Oracle Corporation) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] 
(Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-10] (Oracle Corporation) BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-03-16] (Thinknice Co. Limited) BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-10] (Oracle Corporation) BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-10] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 FireFox: ======== FF ProfilePath: C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212 FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll 
[2015-02-04] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-10] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-10] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-26] () FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-26] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-26] () FF 
Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2015-02-11] (Nexon) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF user.js: detected! => C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\user.js [2015-03-21] FF SearchPlugin: C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\searchplugins\istartsurf.xml [2015-03-22] FF Extension: Fast Start - C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\Extensions\istart_ffnt@gmail.com [2015-03-21] FF Extension: Search Enginer - C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\Extensions\searchengine@gmail.com [2015-03-21] FF Extension: Firefox Certificate Store Hotfix - C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\Extensions\firefox-hotfix@mozilla.org.xpi [2015-03-21] FF Extension: Adblock Plus - C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-21] FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 
Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-26] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-26] FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-26] FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\extensions\searchengine@gmail.com FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\besti_000\AppData\Roaming\Mozilla\Firefox\Profiles\eyeh6psz.default-1426972978212\extensions\istart_ffnt@gmail.com StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1426978037&from=ill&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A84LZYZ9LZYZ9 Chrome: ======= CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S2 0073201424941663mcinstcleanup; C:\Users\besti_000\AppData\Local\Temp\0073201424941663mcinst.exe [851136 2014-08-08] (McAfee, Inc.) R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [92160 2014-03-12] () [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation) R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-16] (XTab system) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 jumosegy; C:\Users\besti_000\AppData\Roaming\6D414ED0-1426972148-E411-B2A0-F0761C1523A5\jnskB8E7.tmp [128512 2015-03-21] () [File not signed] S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.) 
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-10-06] (Lenovo(beijing) Limited) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-06] (Lenovo(beijing) Limited) R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited) R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation) R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD) R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-10-06] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-10-06] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-10-06] (Lenovo) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-10-06] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-21] (SysTool PasSame LIMITED) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the 
fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-28] (Disc Soft Ltd) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [47112 2014-08-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247496 2014-10-22] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [825016 2014-12-13] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [31432 2014-10-30] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [69320 2014-11-20] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation) R3 RtkBtFilter; 
C:\Windows\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-26] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9121496 2014-06-10] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3301592 2014-02-20] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-03-07] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-22 00:22 - 2015-03-22 00:22 - 00030671 _____ () C:\Users\besti_000\Desktop\FRST.txt
2015-03-22 00:22 - 2015-03-22 00:22 - 00000000 ____D () C:\FRST
2015-03-22 00:21 - 2015-03-22 00:21 - 02095616 _____ (Farbar) C:\Users\besti_000\Desktop\FRST64.exe
2015-03-22 00:21 - 2015-03-22 00:21 - 00000550 _____ () C:\Users\besti_000\Desktop\defogger_disable.log
2015-03-22 00:21 - 2015-03-22 00:21 - 00000128 _____ () C:\Users\besti_000\defogger_reenable
2015-03-22 00:20 - 2015-03-22 00:20 - 00050477 _____ () C:\Users\besti_000\Desktop\Defogger.exe
2015-03-21 23:50 - 2015-03-21 23:50 - 00003760 _____ () C:\WINDOWS\System32\Tasks\Selection Tools Update
2015-03-21 23:50 - 2015-03-21 23:50 - 00003726 _____ () C:\WINDOWS\System32\Tasks\WindApp Update
2015-03-21 23:50 - 2015-03-21 23:50 - 00000078 _____ () C:\Users\besti_000\AppData\Roaming\WindApp.installation.log
2015-03-21 23:50 - 2015-03-21 23:50 - 00000078 _____ () C:\Users\besti_000\AppData\Roaming\Selection Tools.installation.log
2015-03-21 23:50 - 2015-03-21 23:50 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\WTools
2015-03-21 23:50 - 2015-03-21 23:50 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\Store
2015-03-21 23:49 - 2015-03-21 23:50 - 00001314 _____ () C:\Users\besti_000\AppData\Roaming\Bubble Dock.boostrap.log
2015-03-21 23:49 - 2015-03-21 23:49 - 00005738 _____ () C:\Users\besti_000\AppData\Roaming\Bubble Dock.installation.log
2015-03-21 23:49 - 2015-03-21 23:49 - 00000097 _____ () C:\Users\besti_000\AppData\Roaming\WindApp.boostrap.log
2015-03-21 23:49 - 2015-03-21 23:49 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\VOPackage
2015-03-21 23:49 - 2015-03-21 23:49 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\Nosibay
2015-03-21 23:49 - 2015-03-21 23:49 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-03-21 23:49 - 2015-03-21 23:49 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2015-03-21 23:49 - 2015-03-21 23:49 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\6D414ED0-1426978154-E411-B2A0-F0761C1523A5
2015-03-21 23:48 - 2015-03-21 23:48 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-21 23:48 - 2015-03-21 23:48 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-21 23:47 - 2015-03-21 23:47 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\istartsurf
2015-03-21 23:47 - 2015-03-21 23:47 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-21 23:19 - 2015-03-21 23:47 - 00001412 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-21 23:19 - 2015-03-21 23:47 - 00001400 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-21 23:19 - 2015-03-21 23:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 23:19 - 2015-03-21 23:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-21 23:06 - 2015-03-21 23:06 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\6D414ED0-1426975581-E411-B2A0-F0761C1523A5
2015-03-21 22:45 - 2015-03-21 22:45 - 02171392 _____ () C:\Users\besti_000\Desktop\adwcleaner_4.112.exe
2015-03-21 22:41 - 2015-03-21 22:41 - 00001722 _____ () C:\WINDOWS\SysWOW64\${LOGFILE}
2015-03-21 22:10 - 2015-03-21 22:10 - 00000129 _____ () C:\WINDOWS\wininit.ini
2015-03-21 22:09 - 2015-03-21 23:15 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\6D414ED0-1426972148-E411-B2A0-F0761C1523A5
2015-03-21 08:52 - 2015-03-21 08:52 - 00003290 _____ () C:\WINDOWS\System32\Tasks\g3sWqfHgixii1KT
2015-03-21 08:52 - 2015-03-21 08:52 - 00003248 _____ () C:\WINDOWS\System32\Tasks\dhaoOy6e2HLsTiV
2015-03-21 08:52 - 2015-03-21 08:52 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\TX9VCaj
2015-03-21 08:52 - 2015-03-21 08:52 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\aoDKGRi
2015-03-18 17:53 - 2015-03-21 14:49 - 00000000 ____D () C:\Users\besti_000\AppData\Local\Ori and the Blind Forest
2015-03-18 15:44 - 2015-03-18 15:44 - 00000202 _____ () C:\Users\besti_000\Desktop\Ori and the Blind Forest.url
2015-03-10 23:35 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-10 23:35 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-10 23:35 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-10 23:35 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-10 23:35 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-10 23:35 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-10 23:35 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-10 23:34 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-10 23:34 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-10 23:34 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-10 23:34 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-10 23:34 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-10 23:34 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-10 23:34 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-10 23:34 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-10 23:34 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-10 23:34 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-10 23:34 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-10 23:34 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-10 23:34 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-10 23:34 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-10 23:34 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-10 23:34 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-10 23:34 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-10 23:34 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-10 23:34 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-10 23:34 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-10 23:34 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-10 23:34 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-10 23:34 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-10 23:34 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-10 23:34 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-10 23:34 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-10 23:34 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-10 23:34 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-10 23:34 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-10 23:34 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-10 23:34 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-10 23:34 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-10 23:34 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-10 23:34 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-10 23:34 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-10 23:34 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-10 23:34 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-10 23:34 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-10 23:34 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-10 23:34 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-10 23:34 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-10 23:34 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-10 23:34 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-10 23:34 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-10 23:34 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-10 23:34 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-10 23:34 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-10 23:34 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-10 23:34 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-10 23:34 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-10 23:34 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-10 23:34 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-10 23:34 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-10 23:34 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-10 23:34 - 2015-01-30 04:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-10 23:34 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-10 23:34 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-10 23:34 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-10 23:34 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-10 23:34 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-10 23:34 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-10 23:34 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-10 23:34 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-10 23:34 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-10 23:34 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-10 23:34 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-10 23:34 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-10 23:34 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-10 23:34 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-10 23:34 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-10 23:34 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-10 23:34 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-10 23:34 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-10 23:34 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-10 23:34 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-10 23:34 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-10 23:34 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-10 23:34 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-10 23:34 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-10 23:34 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-10 23:34 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-10 23:34 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-10 23:34 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-10 23:34 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-10 23:34 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-10 23:34 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-10 23:34 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-10 23:34 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-10 23:34 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-10 23:34 - 2014-10-29 03:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-10 23:34 - 2014-10-29 03:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-10 23:34 - 2014-10-29 03:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-10 23:34 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-10 23:34 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-10 23:34 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-10 23:34 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-10 23:34 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-10 23:34 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-10 23:34 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-10 23:34 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-10 23:34 - 2014-10-29 03:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-10 23:34 - 2014-10-29 03:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-10 23:34 - 2014-10-29 03:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-10 23:34 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-10 23:34 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-10 23:34 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-10 23:34 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-10 23:34 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-10 23:34 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-10 23:34 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-10 23:34 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-10 23:34 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-10 23:34 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-10 23:34 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-10 23:34 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-10 23:34 - 2014-10-29 01:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-10 23:34 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-10 23:34 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-10 23:34 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-10 23:34 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-10 23:33 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-10 23:33 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-10 23:33 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-10 23:33 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-10 23:33 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-10 23:33 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-10 23:33 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-10 23:33 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-10 23:33 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-10 23:33 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-10 23:33 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-10 23:33 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-10 23:33 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-07 18:45 - 2015-03-07 18:45 - 00000000 ____D () C:\Users\besti_000\Documents\Firefall
2015-03-07 18:45 - 2015-03-07 18:45 - 00000000 ____D () C:\Users\besti_000\AppData\Local\Red 5 Studios
2015-03-06 21:30 - 2015-03-06 21:31 - 00000000 ____D () C:\Zanzarah
2015-03-04 17:47 - 2015-03-04 17:47 - 00000000 ____D () C:\Users\besti_000\AppData\Local\BigHugeEngine
2015-03-04 15:25 - 2015-03-04 15:25 - 00000202 _____ () C:\Users\besti_000\Desktop\Kingdoms of Amalur Reckoning.url
2015-03-01 19:17 - 2015-03-01 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2015-03-01 19:17 - 2015-03-01 19:17 - 00000000 ____D () C:\Program Files (x86)\Xiph.Org
2015-03-01 00:17 - 1998-10-21 18:43 - 00328704 _____ (InstallShield Software Corporation ) C:\WINDOWS\IsUn0407.exe
2015-02-26 10:13 - 2015-02-26 10:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-02-26 10:13 - 2015-02-26 10:12 - 00002167 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-02-26 10:12 - 2015-03-22 00:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-26 10:12 - 2015-02-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-02-26 10:12 - 2014-12-13 18:21 - 00825016 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-02-26 10:12 - 2014-11-28 18:19 - 00151240 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-02-26 10:12 - 2014-10-22 21:13 - 00247496 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2015-02-26 10:12 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2015-02-26 10:10 - 2015-02-26 10:10 - 00000000 ___HD () C:\kleaner.tmp
2015-02-25 12:09 - 2015-02-25 12:09 - 00000202 _____ () C:\Users\besti_000\Desktop\Firefall.url
2015-02-24 22:51 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-24 22:51 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-24 22:51 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-24 22:51 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-24 22:51 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-24 22:51 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 00:21 - 2015-01-07 23:39 - 00000000 ____D () C:\Users\besti_000
2015-03-22 00:16 - 2015-01-09 16:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-22 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-21 23:52 - 2015-01-09 15:45 - 00000000 ____D () C:\Users\besti_000\AppData\Local\Warframe
2015-03-21 23:52 - 2015-01-07 23:57 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3779141926-2993411616-3819481465-1001
2015-03-21 23:50 - 2015-02-19 04:47 - 00000238 _____ () C:\Users\besti_000\AppData\Local\recently-fix.db
2015-03-21 23:47 - 2015-02-13 11:47 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\Nitro PDF
2015-03-21 23:47 - 2015-02-01 14:47 - 00000929 _____ () C:\WINDOWS\Tasks\EPSON XP-610 Series Update {B4B486DF-8731-4EB7-970E-E58848CE531C}.job
2015-03-21 23:47 - 2015-02-01 14:47 - 00000743 _____ () C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {B4B486DF-8731-4EB7-970E-E58848CE531C}.job
2015-03-21 23:47 - 2015-01-07 23:40 - 00001252 _____ () C:\Users\besti_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-21 23:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-03-21 23:38 - 2014-10-07 05:31 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-21 23:38 - 2014-10-07 05:31 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-21 23:38 - 2014-03-18 10:53 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-21 23:33 - 2015-01-07 23:57 - 00000000 ____D () C:\Steam
2015-03-21 23:32 - 2015-01-07 23:52 - 00000000 ____D () C:\Users\besti_000\OneDrive
2015-03-21 23:32 - 2015-01-07 23:40 - 00254646 _____ () C:\Users\besti_000\AppData\Local\BTServer.log
2015-03-21 23:31 - 2014-10-06 20:46 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-03-21 23:31 - 2014-10-06 20:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-21 23:31 - 2013-08-22 15:46 - 00029327 _____ () C:\WINDOWS\setupact.log
2015-03-21 23:31 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-21 23:21 - 2015-02-19 17:12 - 00000000 ____D () C:\AdwCleaner
2015-03-21 23:21 - 2014-03-18 10:44 - 00057000 _____ () C:\WINDOWS\PFRO.log
2015-03-21 23:11 - 2015-01-09 15:45 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2015-03-21 22:36 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-21 22:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-21 22:08 - 2014-10-06 19:46 - 01910418 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-21 08:52 - 2015-02-19 04:47 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\aLGgXv1
2015-03-17 18:09 - 2015-01-09 18:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-15 14:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-15 10:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-13 01:12 - 2013-08-22 15:44 - 00346960 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-13 01:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-12 23:41 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-12 23:36 - 2015-01-09 18:05 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-11 23:15 - 2014-10-06 20:45 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-03-07 18:35 - 2015-02-03 23:35 - 00000000 ____D () C:\Users\besti_000\AppData\Local\Battle.net
2015-03-04 22:24 - 2013-08-22 16:38 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2013-08-22 16:38 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 17:47 - 2015-01-09 21:43 - 00000000 ____D () C:\Users\besti_000\Documents\my games
2015-03-04 17:46 - 2015-01-07 18:07 - 00123499 _____ () C:\WINDOWS\DirectX.log
2015-03-02 21:30 - 2015-01-08 19:37 - 00000000 ____D () C:\Users\besti_000\AppData\Roaming\vlc
2015-03-02 18:39 - 2015-02-16 15:43 - 00000000 ____D () C:\Users\besti_000\Desktop\Spongebob
2015-03-01 19:24 - 2013-08-22 12:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-03-01 19:24 - 2013-08-22 12:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-03-01 19:24 - 2013-08-22 12:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-03-01 19:24 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-03-01 19:24 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-03-01 19:24 - 2013-08-22 04:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-03-01 19:24 - 2013-08-22 04:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-03-01 19:24 - 2013-08-22 04:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-03-01 19:24 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-03-01 19:24 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-03-01 19:23 - 2013-08-22 05:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-03-01 19:23 - 2013-08-22 05:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-03-01 19:23 - 2013-08-22 04:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-03-01 19:23 - 2013-08-22 04:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-02-27 23:16 - 2015-02-03 23:35 - 00000000 ____D () C:\Battle.net
2015-02-26 10:12 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-02-26 10:10 - 2014-10-06 20:47 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-02-26 10:09 - 2014-10-06 20:47 - 00000000 ____D () C:\ProgramData\McAfee

==================== Files in the root of some directories =======

2015-03-21 23:49 - 2015-03-21 23:50 - 0001314 _____ () C:\Users\besti_000\AppData\Roaming\Bubble Dock.boostrap.log
2015-03-21 23:49 - 2015-03-21 23:49 - 0005738 _____ () C:\Users\besti_000\AppData\Roaming\Bubble Dock.installation.log
2015-03-21 23:50 - 2015-03-21 23:50 - 0000078 _____ () C:\Users\besti_000\AppData\Roaming\Selection Tools.installation.log
2015-03-21 23:49 - 2015-03-21 23:49 - 0000097 _____ () C:\Users\besti_000\AppData\Roaming\WindApp.boostrap.log
2015-03-21 23:50 - 2015-03-21 23:50 - 0000078 _____ () C:\Users\besti_000\AppData\Roaming\WindApp.installation.log
2015-01-07 23:40 - 2015-03-21 23:32 - 0254646 _____ () C:\Users\besti_000\AppData\Local\BTServer.log
2015-02-19 04:47 - 2015-03-21 23:50 - 0000238 _____ () C:\Users\besti_000\AppData\Local\recently-fix.db
2014-10-06 20:20 - 2014-10-06 20:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\besti_000\AppData\Local\Temp\0073201424941663mcinst.exe
C:\Users\besti_000\AppData\Local\Temp\1364.exe
C:\Users\besti_000\AppData\Local\Temp\1440.exe
C:\Users\besti_000\AppData\Local\Temp\5522.exe
C:\Users\besti_000\AppData\Local\Temp\bdfilters.dll
C:\Users\besti_000\AppData\Local\Temp\bitool.dll
C:\Users\besti_000\AppData\Local\Temp\BTServer.exe
C:\Users\besti_000\AppData\Local\Temp\mccspuninstall.exe
C:\Users\besti_000\AppData\Local\Temp\NGMDll.dll
C:\Users\besti_000\AppData\Local\Temp\NGMResource.dll
C:\Users\besti_000\AppData\Local\Temp\NGMSetup.exe
C:\Users\besti_000\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\besti_000\AppData\Local\Temp\Quarantine.exe
C:\Users\besti_000\AppData\Local\Temp\SpOrder.dll
C:\Users\besti_000\AppData\Local\Temp\SPSetup.exe
C:\Users\besti_000\AppData\Local\Temp\sqlite3.dll
C:\Users\besti_000\AppData\Local\Temp\unicows.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-15 12:50

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by besti_000 at 2015-03-22 00:23:02
Running from C:\Users\besti_000\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Bubble Dock (HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Bubble Dock) (Version: - Nosibay)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version: - SEIKO EPSON Corporation) Firefall (HKLM-x32\...\Steam App 227700) (Version: - Red 5 Studios) Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.) 
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation) istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version: - Big Huge Games) LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version: - Traveller's Tales) LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) 
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname) Lenovo Settings (x32 Version: 1.0.0.46 - Ihr Firmenname) Hidden Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited) Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo) Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo) Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - ) Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft 
Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 
(x86 de)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming) Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro) NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.810.031214 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0237 - REALTEK Semiconductor Corp.) 
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION Selection Tools (HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\Selection Tools) (Version: - WTools) <==== ATTENTION SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.81 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Vindictus EU (HKLM-x32\...\Vindictus EU) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Warframe (HKLM-x32\...\{2664B43F-B02C-4DCB-B745-E55FED9B3F72}) (Version: 1.0.0 - Digital Extremes) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) WindApp (HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\...\WindApp) (Version: - Store) <==== ATTENTION Windows-Treiberpaket - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) X Rebirth (HKLM-x32\...\Steam App 2870) (Version: - Egosoft) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) 
==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3779141926-2993411616-3819481465-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 04-03-2015 17:45:19 DirectX wurde installiert 12-03-2015 23:33:46 Windows Update 21-03-2015 18:15:12 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0DBF00C8-C3FF-4822-8AF5-F9C54DC85A59} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {29A95643-2F3F-4DE9-AB0C-A2B830950883} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {6068B5F4-8622-42D6-A0AF-05E0DC37EBB8} - System32\Tasks\pGneiP1C2sHsBHf => C:\Users\besti_000\AppData\Roaming\aLGgXv1\QvsSUsB.exe [2015-02-19] ( ) Task: {716056F1-D223-4867-8057-D1EA13E3E8ED} - System32\Tasks\g3sWqfHgixii1KT => C:\Users\besti_000\AppData\Roaming\TX9VCaj\idjmNWR.exe [2015-03-21] ( ) Task: {785E799D-7785-4802-9200-85C11414B049} - System32\Tasks\Selection Tools Update => C:\Users\besti_000\AppData\Roaming\WTools\Selection Tools\Selection Tools Update.exe [2015-03-20] (Nosibay) Task: {7901028C-C2C3-4C53-99F6-BFC487A2584B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 
35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {7CFD60CA-9D80-4EE4-9B5C-88EBEC42CB84} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {7E7A71AD-5437-46A8-9965-513326A0BCB3} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] () Task: {9A295152-94FB-4D07-A288-134608A50927} - System32\Tasks\dhaoOy6e2HLsTiV => C:\Users\besti_000\AppData\Roaming\aoDKGRi\BauA52c.exe [2015-03-21] ( ) Task: {ACAE65F7-B6B9-4279-9B9B-569668B24E3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-12] (Microsoft Corporation) Task: {C05013D9-E1D3-457D-BC6C-5DE294DE6BC0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {C1EE5E02-7725-4693-8358-52EC9F4755CA} - System32\Tasks\WindApp Update => C:\Users\besti_000\AppData\Roaming\Store\WindApp\WindApp Update.exe [2015-03-20] (Nosibay) <==== ATTENTION Task: {C9BEEC1F-0329-49EB-A534-8D99199CBBEF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-01-07] (Lenovo) Task: {E4C24912-9654-43BA-8B5A-79E77EF826AF} - System32\Tasks\EPSON XP-610 Series Invitation {B4B486DF-8731-4EB7-970E-E58848CE531C} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION) Task: {F8CE6FBA-A58C-44D4-BFCC-868C053E2072} - System32\Tasks\EPSON XP-610 Series Update {B4B486DF-8731-4EB7-970E-E58848CE531C} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: 
C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {B4B486DF-8731-4EB7-970E-E58848CE531C}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {B4B486DF-8731-4EB7-970E-E58848CE531C}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{B4B486DF-8731-4EB7-970E-E58848CE531C} /F:UpdateWORKGROUP\TATI$ Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Loaded Modules (whitelisted) ============== 2014-10-06 20:12 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-10-06 20:15 - 2014-03-12 13:30 - 00092160 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2015-03-21 22:09 - 2015-03-21 22:09 - 00128512 _____ () C:\Users\besti_000\AppData\Roaming\6D414ED0-1426972148-E411-B2A0-F0761C1523A5\jnskB8E7.tmp 2014-10-06 20:50 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-10-06 20:46 - 2014-10-06 20:46 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe 2014-10-06 20:46 - 2014-10-06 20:46 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll 2014-10-06 20:19 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2014-06-17 06:47 - 2014-04-16 09:28 - 00080312 _____ () C:\WINDOWS\system32\igfxexps.dll 2014-03-26 11:50 - 2014-10-06 20:55 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll 2014-10-06 20:51 - 2014-10-06 20:51 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe 2015-03-21 23:48 - 2015-03-21 23:48 - 00045438 _____ () C:\Users\besti_000\AppData\Local\Temp\nsf2C4A.tmp 2015-03-22 00:20 - 2015-03-22 00:20 - 00050477 _____ () C:\Users\besti_000\Desktop\Defogger.exe 2014-12-23 16:54 - 
2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll 2014-02-25 15:42 - 2014-02-25 15:42 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll 2015-01-07 17:56 - 2014-11-11 19:47 - 00774656 _____ () C:\Steam\SDL2.dll 2015-01-22 18:38 - 2014-12-02 01:29 - 05002752 _____ () C:\Steam\v8.dll 2015-01-07 17:56 - 2015-02-19 00:51 - 02360000 _____ () C:\Steam\video.dll 2015-01-22 18:38 - 2014-12-02 01:29 - 01612800 _____ () C:\Steam\icui18n.dll 2015-01-22 18:38 - 2014-12-02 01:29 - 01210368 _____ () C:\Steam\icuuc.dll 2015-01-07 17:56 - 2014-12-01 22:31 - 02396672 _____ () C:\Steam\libavcodec-56.dll 2015-01-07 17:56 - 2014-12-01 22:31 - 00479744 _____ () C:\Steam\libavformat-56.dll 2015-01-07 17:56 - 2014-12-01 22:31 - 00332800 _____ () C:\Steam\libavresample-2.dll 2015-01-07 17:56 - 2014-12-01 22:31 - 00442880 _____ () C:\Steam\libavutil-54.dll 2015-01-07 17:56 - 2014-12-01 22:31 - 00485888 _____ () C:\Steam\libswscale-3.dll 2015-01-07 17:56 - 2015-02-19 00:51 - 00702656 _____ () C:\Steam\bin\chromehtml.DLL 2015-01-07 17:56 - 2015-01-28 02:30 - 34641288 _____ () C:\Steam\bin\libcef.dll 2015-01-07 17:56 - 2015-01-28 02:30 - 01709960 _____ () C:\Steam\bin\ffmpegsumo.dll 2014-12-23 16:54 - 2014-12-23 16:54 - 00502056 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll 2014-12-23 16:54 - 2014-12-23 16:54 - 00608040 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll 2014-12-23 16:54 - 2014-12-23 16:54 - 00338216 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\Users\besti_000\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3779141926-2993411616-3819481465-1001\Control Panel\Desktop\\Wallpaper -> C:\Steam\userdata\39364554\760\remote\230410\screenshots\2015-01-31_00003.jpg DNS Servers: 192.168.178.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: ============================= Administrator (S-1-5-21-3779141926-2993411616-3819481465-500 - Administrator - Disabled) besti_000 (S-1-5-21-3779141926-2993411616-3819481465-1001 - Administrator - Enabled) => C:\Users\besti_000 Gast (S-1-5-21-3779141926-2993411616-3819481465-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/21/2015 11:51:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c850f5 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec500 ID des fehlerhaften Prozesses: 0x15ec Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Vollständiger Name des fehlerhaften Pakets: explorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5 Error: (03/21/2015 11:31:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 007320~1.EXE, Version: 8.6.154.0, Zeitstempel: 0x53e5162a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x01921058 ID des fehlerhaften Prozesses: 0x758 Startzeit der fehlerhaften Anwendung: 0x007320~1.EXE0 Pfad der fehlerhaften Anwendung: 007320~1.EXE1 Pfad des fehlerhaften Moduls: 007320~1.EXE2 Berichtskennung: 007320~1.EXE3 Vollständiger Name des fehlerhaften Pakets: 007320~1.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 007320~1.EXE5 Error: (03/21/2015 11:21:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 007320~1.EXE, Version: 
8.6.154.0, Zeitstempel: 0x53e5162a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00d71058 ID des fehlerhaften Prozesses: 0x74c Startzeit der fehlerhaften Anwendung: 0x007320~1.EXE0 Pfad der fehlerhaften Anwendung: 007320~1.EXE1 Pfad des fehlerhaften Moduls: 007320~1.EXE2 Berichtskennung: 007320~1.EXE3 Vollständiger Name des fehlerhaften Pakets: 007320~1.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 007320~1.EXE5 Error: (03/21/2015 11:15:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 007320~1.EXE, Version: 8.6.154.0, Zeitstempel: 0x53e5162a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x006b1058 ID des fehlerhaften Prozesses: 0x744 Startzeit der fehlerhaften Anwendung: 0x007320~1.EXE0 Pfad der fehlerhaften Anwendung: 007320~1.EXE1 Pfad des fehlerhaften Moduls: 007320~1.EXE2 Berichtskennung: 007320~1.EXE3 Vollständiger Name des fehlerhaften Pakets: 007320~1.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 007320~1.EXE5 Error: (03/21/2015 11:08:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c850f5 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec500 ID des fehlerhaften Prozesses: 0x185c Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Vollständiger Name des fehlerhaften Pakets: explorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5 Error: (03/21/2015 10:49:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 007320~1.EXE, 
Version: 8.6.154.0, Zeitstempel: 0x53e5162a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x01801058 ID des fehlerhaften Prozesses: 0x6ec Startzeit der fehlerhaften Anwendung: 0x007320~1.EXE0 Pfad der fehlerhaften Anwendung: 007320~1.EXE1 Pfad des fehlerhaften Moduls: 007320~1.EXE2 Berichtskennung: 007320~1.EXE3 Vollständiger Name des fehlerhaften Pakets: 007320~1.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 007320~1.EXE5 Error: (03/21/2015 10:37:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 007320~1.EXE, Version: 8.6.154.0, Zeitstempel: 0x53e5162a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x014b1058 ID des fehlerhaften Prozesses: 0x774 Startzeit der fehlerhaften Anwendung: 0x007320~1.EXE0 Pfad der fehlerhaften Anwendung: 007320~1.EXE1 Pfad des fehlerhaften Moduls: 007320~1.EXE2 Berichtskennung: 007320~1.EXE3 Vollständiger Name des fehlerhaften Pakets: 007320~1.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 007320~1.EXE5 Error: (03/21/2015 10:12:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 007320~1.EXE, Version: 8.6.154.0, Zeitstempel: 0x53e5162a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x01281058 ID des fehlerhaften Prozesses: 0x738 Startzeit der fehlerhaften Anwendung: 0x007320~1.EXE0 Pfad der fehlerhaften Anwendung: 007320~1.EXE1 Pfad des fehlerhaften Moduls: 007320~1.EXE2 Berichtskennung: 007320~1.EXE3 Vollständiger Name des fehlerhaften Pakets: 007320~1.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 007320~1.EXE5 Error: (03/21/2015 10:03:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 
36.0.3.5556, Zeitstempel: 0x550bb6a0 Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.3.5556, Zeitstempel: 0x550ba813 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001e02 ID des fehlerhaften Prozesses: 0x183c Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5 Error: (03/21/2015 10:03:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.3.5556, Zeitstempel: 0x550bb6a0 Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.3.5556, Zeitstempel: 0x550ba813 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001e02 ID des fehlerhaften Prozesses: 0x2e0c Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5 System errors: ============= Error: (03/21/2015 11:52:23 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9} Error: (03/21/2015 11:32:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "McAfee Application Installer Cleanup (0073201424941663)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/21/2015 11:28:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Formula Address" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (03/21/2015 11:21:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "McAfee Application Installer Cleanup (0073201424941663)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/21/2015 11:15:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "McAfee Application Installer Cleanup (0073201424941663)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/21/2015 11:15:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll Error: (03/21/2015 11:15:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll Error: (03/21/2015 11:15:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll Error: (03/21/2015 11:11:14 PM) (Source: DCOM) (EventID: 10000) (User: TATI) Description: C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (03/21/2015 11:11:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Microsoft Office Sessions: ========================= Error: (03/21/2015 11:51:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.3.9600.1766754c6f7c2USER32.dll6.3.9600.1766854c850f5c000014200000000000ec50015ec01d064299fd0b3c1C:\WINDOWS\explorer.exeUSER32.dlldd86033a-d01c-11e4-826c-1008b1864378 Error: (03/21/2015 11:31:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 007320~1.EXE8.6.154.053e5162aunknown0.0.0.000000000c00000050192105875801d06426d3389348C:\Users\BESTI_~1\AppData\Local\Temp\007320~1.EXEunknown149a484f-d01a-11e4-826c-1008b1864378 Error: (03/21/2015 11:21:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 007320~1.EXE8.6.154.053e5162aunknown0.0.0.000000000c000000500d7105874c01d06425644707ecC:\Users\BESTI_~1\AppData\Local\Temp\007320~1.EXEunknowna53f05db-d018-11e4-826b-1008b1864378 Error: (03/21/2015 11:15:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 007320~1.EXE8.6.154.053e5162aunknown0.0.0.000000000c0000005006b105874401d064248e2271daC:\Users\BESTI_~1\AppData\Local\Temp\007320~1.EXEunknowncef0a98e-d017-11e4-826a-1008b1864378 Error: (03/21/2015 11:08:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.3.9600.1766754c6f7c2USER32.dll6.3.9600.1766854c850f5c000014200000000000ec500185c01d064239dd8a647C:\WINDOWS\explorer.exeUSER32.dlldb8ff19c-d016-11e4-8269-1008b1864378 Error: (03/21/2015 10:49:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 007320~1.EXE8.6.154.053e5162aunknown0.0.0.000000000c0000005018010586ec01d06420cf81ab35C:\Users\BESTI_~1\AppData\Local\Temp\007320~1.EXEunknown15017771-d014-11e4-8269-1008b1864378 Error: (03/21/2015 10:37:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 007320~1.EXE8.6.154.053e5162aunknown0.0.0.000000000c0000005014b105877401d0641f2b278144C:\Users\BESTI_~1\AppData\Local\Temp\007320~1.EXEunknown7315a9e5-d012-11e4-8268-1008b1864378 
Error: (03/21/2015 10:12:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 007320~1.EXE8.6.154.053e5162aunknown0.0.0.000000000c00000050128105873801d0641bc5a4b57cC:\Users\BESTI_~1\AppData\Local\Temp\007320~1.EXEunknown0a5bd169-d00f-11e4-8267-1008b1864378 Error: (03/21/2015 10:03:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe36.0.3.5556550bb6a0mozalloc.dll36.0.3.5556550ba8138000000300001e02183c01d0641a5b78acebC:\Mozilla Firefox\plugin-container.exeC:\Mozilla Firefox\mozalloc.dlla811954c-d00d-11e4-8266-1008b1864378 Error: (03/21/2015 10:03:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe36.0.3.5556550bb6a0mozalloc.dll36.0.3.5556550ba8138000000300001e022e0c01d0641a5b33894aC:\Mozilla Firefox\plugin-container.exeC:\Mozilla Firefox\mozalloc.dlla7874bf5-d00d-11e4-8266-1008b1864378 CodeIntegrity Errors: =================================== Date: 2015-02-19 17:48:58.293 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-19 17:48:58.119 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-19 17:48:57.916 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 

Date: 2015-02-19 17:48:57.722
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-19 17:48:57.568
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-19 17:48:57.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-19 17:48:57.256
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-19 17:48:57.130
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-19 17:48:57.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-19 17:48:56.889
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 8104.27 MB
Available physical RAM: 5161.87 MB
Total Pagefile: 9384.27 MB
Available Pagefile: 5680.45 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:888.57 GB) (Free:687.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 563F7413)

Partition: GPT Partition Type.

==================== End Of Log ============================