NegativeZero | 16.10.2014 22:57 |
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Dominic (administrator) on CINIMOD on 16-10-2014 23:48:44
Running from C:\Users\Dominic\Downloads
Loaded Profile: Dominic (Available profiles: Dominic)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Users\Dominic\AppData\Roaming\VOPackage\VOsrv.exe
() C:\Windows\SysWOW64\SMITSC.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(enter) C:\Program Files (x86)\videos+Media+Players\b76acec1-8959-4c0b-a20c-adc5995fb977.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Users\Dominic\AppData\Local\ConvertAd\ConvertAd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-09-11] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [mbot_de_131] => [X]
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Dominic\AppData\Local\ConvertAd\ConvertAd.exe [2072576 2014-10-05] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3570546844-1593422857-3585846590-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-3570546844-1593422857-3585846590-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3570546844-1593422857-3585846590-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3570546844-1593422857-3585846590-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Dominic\AppData\Local\Smartbar\Application\Smartbar.exe startup
AppInit_DLLs: C:\Users\Dominic\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Dominic\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [77856 2014-09-21] ()
AppInit_DLLs-x32: c:\users\dominic\appdata\local\smartbar\application\resources\crdlil.dll => c:\users\dominic\appdata\local\smartbar\application\resources\crdlil.dll [67104 2014-09-21] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb5RhkcXfL21618Y07zGKBc7rpZyM0aVoLMEJftzwSUzxW8ZfPtBmGs26hS7jbF-c-6dQh-ZIxE89iL9h1tCbryjXwqrHwCgHIJsQfXAzMVs-XSbnVWg4ng2i70XFFFgN67LOcLYYJkCR_P1yFGTfwJPvPbcTHRKA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mysearchpage.net
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413035098&from=tugs&uid=TOSHIBAXMQ01ABD100H_44DIC37KTXX44DIC37KT
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb5RhkcXfL21618Y07zGKBc7rpZyM0aVoLMEJftzwSUzxW8ZfPtBmGs26hS7jbF-c-6dQh-ZIxE89iL9h1tCbryjXwqrHwCgHIJsQfXAzMVs-XSbnVWg4ng2i70XFFFgN67LOcLYYJkCR_P1yFGTfwJPvPbcTHRKA,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413035098&from=tugs&uid=TOSHIBAXMQ01ABD100H_44DIC37KTXX44DIC37KT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {30E498F2-A10B-47F5-957B-DB8B060A6DFF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb5RhkcXfL21618Y07zGKBc7rpZyM0aVoLMEJftzwSUzxW8ZfPtBmGs26hS7jbF-c-6dQh-ZIxE89iL9h1tCbryjXwqrHwCgHIJsQfXAzMVs-XSbnVWg4ng2i70XFFFgN67LOcLYYJkCR_P0Q1Ds_U_OE7TPGipig,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb5RhkcXfL21618Y07zGKBc7rpZyM0aVoLMEJftzwSUzxW8ZfPtBmGs26hS7jbF-c-6dQh-ZIxE89iL9h1tCbryjXwqrHwCgHIJsQfXAzMVs-XSbnVWg4ng2i70XFFFgN67LOcLYYJkCR_P1yFGTfwJPvPbcTHRKA,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb5RhkcXfL21618Y07zGKBc7rpZyM0aVoLMEJftzwSUzxW8ZfPtBmGs26hS7jbF-c-6dQh-ZIxE89iL9h1tCbryjXwqrHwCgHIJsQfXAzMVs-XSbnVWg4ng2i70XFFFgN67LOcLYYJkCR_P1yFGTfwJPvPbcTHRKA,,&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413035098&from=tugs&uid=TOSHIBAXMQ01ABD100H_44DIC37KTXX44DIC37KT&q={searchTerms}
BHO: videos+Media+Players -> {11111111-1111-1111-1111-110611491169} -> C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-bho64.dll (enter)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO-x32: videos+Media+Players -> {11111111-1111-1111-1111-110611491169} -> C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-bho.dll (enter)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\Eyx8qVNB.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF user.js: detected! => C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\Eyx8qVNB.default\user.js
FF Extension: HC-nemAP2V11.10 - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\Eyx8qVNB.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-11]
FF Extension: videos+Media+Players - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\Eyx8qVNB.default\Extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [2014-10-01]
FF Extension: Avira Browser Safety - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\Eyx8qVNB.default\Extensions\abs@avira.com [2014-09-03]
FF Extension: {{EXT_NAME}} - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\Eyx8qVNB.default\Extensions\goo.gl_lite@matthew.flaschen.gatech.edu [2014-10-07]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-09-17]
CHR Extension: (Google Präsentationen) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-03]
CHR Extension: (Google Docs) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-03]
CHR Extension: (Google Drive) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-03]
CHR Extension: (Google-Suche) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-03]
CHR Extension: (Google Tabellen) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-03]
CHR Extension: (Google Wallet) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-03]
CHR Extension: (Google Mail) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-03]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-10-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-28] (Avira Operations GmbH & Co. KG)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-17] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-26] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-11] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-11] (globalUpdate) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-21] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 servervo; C:\Users\Dominic\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-10-01] () [File not signed]
R2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [13312 2014-02-27] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-10-11] (Fuyu LIMITED) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-21] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-16] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-09-11] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 23:48 - 2014-10-16 23:48 - 00022446 _____ () C:\Users\Dominic\Downloads\FRST.txt
2014-10-16 23:48 - 2014-10-16 23:48 - 00000000 ____D () C:\FRST
2014-10-16 23:47 - 2014-10-16 23:47 - 02112000 _____ (Farbar) C:\Users\Dominic\Downloads\FRST64.exe
2014-10-16 23:47 - 2014-10-16 23:47 - 02112000 _____ (Farbar) C:\Users\Dominic\Downloads\FRST64 (1).exe
2014-10-15 07:27 - 2014-10-15 07:27 - 20220837 _____ () C:\Users\Dominic\Desktop\Sommerblume_Musik.zip
2014-10-15 07:07 - 2014-10-15 07:14 - 00000000 ____D () C:\Users\Dominic\Desktop\Sommerblume_Musik
2014-10-12 20:30 - 2014-10-12 20:30 - 00003106 _____ () C:\Windows\System32\Tasks\{BB8FA071-A882-40D6-9032-1F02117DE483}
2014-10-12 20:24 - 2014-10-12 20:24 - 20185766 _____ () C:\Users\Dominic\Desktop\Sommerblume.zip
2014-10-11 15:46 - 2014-10-12 20:31 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\Probit Software
2014-10-11 15:45 - 2014-10-16 10:58 - 00001708 _____ () C:\Windows\Tasks\ASFVTNV.job
2014-10-11 15:45 - 2014-10-16 10:58 - 00001356 _____ () C:\Windows\Tasks\NWN.job
2014-10-11 15:45 - 2014-10-11 15:50 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-11 15:45 - 2014-10-11 15:45 - 00004710 _____ () C:\Windows\System32\Tasks\ASFVTNV
2014-10-11 15:45 - 2014-10-11 15:45 - 00004364 _____ () C:\Windows\System32\Tasks\NWN
2014-10-11 15:45 - 2014-10-11 15:45 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-10-11 15:45 - 2014-10-11 15:45 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-10-11 15:44 - 2014-10-12 20:31 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-10-11 15:44 - 2014-10-12 16:16 - 00000000 ____D () C:\Users\Dominic\AppData\Local\StormWatch
2014-10-11 15:44 - 2014-10-11 15:44 - 00000000 ____D () C:\Users\Dominic\Desktop\Fi
2014-10-11 15:44 - 2014-10-11 15:44 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Weather_Protector_LLC
2014-10-11 11:42 - 2014-10-16 23:48 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Deployment
2014-10-11 11:42 - 2014-10-11 11:43 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Apps\2.0
2014-10-05 22:22 - 2014-10-05 22:22 - 00000000 ____D () C:\ProgramData\374311380
2014-10-05 22:20 - 2014-10-05 22:20 - 00000000 ____D () C:\Program Files (x86)\predm
2014-10-05 19:05 - 2014-10-05 19:05 - 10122660 _____ () C:\Users\Dominic\Desktop\05 Physical Education.m4a
2014-10-05 18:59 - 2014-10-11 15:50 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-10-05 18:59 - 2014-10-06 18:59 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-10-05 18:59 - 2014-10-05 19:29 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-10-05 18:59 - 2014-10-05 18:59 - 00002812 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-10-05 18:59 - 2014-10-05 18:59 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-10-05 18:59 - 2014-10-05 18:59 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-10-05 18:58 - 2014-10-05 18:58 - 00612080 _____ (ClickMeIn Limited) C:\Users\Dominic\AppData\Local\nsd932B.tmp
2014-10-05 18:58 - 2014-10-05 18:58 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\ap_movie
2014-10-05 18:56 - 2014-10-05 18:57 - 02628432 _____ () C:\Users\Dominic\Downloads\setup_amsldo.exe
2014-10-05 18:29 - 2014-10-05 18:29 - 00000000 ____D () C:\Users\Dominic\AppData\Local\ConvertAd
2014-10-03 16:49 - 2014-10-03 16:54 - 227191371 _____ () C:\Users\Dominic\Downloads\Woven-Web-Lesson-LoRes.m4v
2014-10-03 16:14 - 2014-10-03 16:26 - 509759424 _____ () C:\Users\Dominic\Downloads\Woven Web Lesson-2.m4v
2014-10-03 15:07 - 2014-10-03 15:30 - 230031360 _____ () C:\Users\Dominic\Downloads\Woven Web Lesson-1.m4v
2014-10-03 14:53 - 2014-10-09 16:55 - 00000000 ____D () C:\Users\Dominic\Desktop\Matt Garstka
2014-10-02 23:07 - 2014-10-02 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-10-02 23:07 - 2014-10-02 23:07 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-10-02 23:07 - 2014-06-14 16:03 - 00260696 _____ () C:\Windows\system32\unrar64.dll
2014-10-02 23:07 - 2014-06-14 16:03 - 00218200 _____ () C:\Windows\SysWOW64\unrar.dll
2014-10-02 23:06 - 2014-10-02 23:07 - 21565204 _____ ( ) C:\Users\Dominic\Downloads\klitecodecpackstanda_17528.exe
2014-10-02 19:57 - 2014-10-02 19:58 - 15263023 _____ () C:\Users\Dominic\Downloads\Trailer - Werbung.mp4
2014-10-01 20:55 - 2014-10-05 18:28 - 00001116 _____ () C:\Users\Dominic\Desktop\Continue Live Installation.lnk
2014-10-01 20:50 - 2014-10-01 20:50 - 00000000 ____D () C:\Users\Dominic\Documents\Optimizer Pro
2014-10-01 20:46 - 2014-10-16 23:46 - 00004176 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-6.job
2014-10-01 20:46 - 2014-10-16 11:48 - 00000000 ____D () C:\Program Files (x86)\videos+Media+Players
2014-10-01 20:46 - 2014-10-16 10:58 - 00005202 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-11.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00004512 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-4.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00003832 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-7.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00003832 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-3.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00003482 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-1.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00002464 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5_user.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00002464 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00002128 _____ () C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-2.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00001452 _____ () C:\Windows\Tasks\b76acec1-8959-4c0b-a20c-adc5995fb977.job
2014-10-01 20:46 - 2014-10-16 10:58 - 00000960 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-01 20:46 - 2014-10-15 15:50 - 00000964 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-01 20:46 - 2014-10-11 15:45 - 00003936 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-01 20:46 - 2014-10-11 15:45 - 00003700 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-01 20:46 - 2014-10-01 20:46 - 00008206 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-11
2014-10-01 20:46 - 2014-10-01 20:46 - 00007516 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-4
2014-10-01 20:46 - 2014-10-01 20:46 - 00007180 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-6
2014-10-01 20:46 - 2014-10-01 20:46 - 00006836 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-7
2014-10-01 20:46 - 2014-10-01 20:46 - 00006836 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-3
2014-10-01 20:46 - 2014-10-01 20:46 - 00006486 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-1
2014-10-01 20:46 - 2014-10-01 20:46 - 00005468 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5
2014-10-01 20:46 - 2014-10-01 20:46 - 00005132 _____ () C:\Windows\System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-2
2014-10-01 20:46 - 2014-10-01 20:46 - 00004456 _____ () C:\Windows\System32\Tasks\b76acec1-8959-4c0b-a20c-adc5995fb977
2014-10-01 20:46 - 2014-10-01 20:46 - 00000000 ____D () C:\Users\Dominic\AppData\Local\globalUpdate
2014-10-01 20:46 - 2014-10-01 20:46 - 00000000 ____D () C:\Users\Dominic\AppData\Local\com
2014-10-01 20:46 - 2014-10-01 20:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-01 20:45 - 2014-10-01 20:45 - 01393224 _____ () C:\Users\Dominic\Downloads\Setup.exe
2014-10-01 20:45 - 2014-10-01 20:45 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\VOPackage
2014-09-29 16:27 - 2014-09-29 16:27 - 00000000 ____D () C:\Users\Dominic\Desktop\Free Loop
2014-09-29 16:15 - 2014-09-29 16:15 - 00000000 ____D () C:\Users\Dominic\Downloads\Free Loop
2014-09-22 15:08 - 2014-09-22 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-21 18:41 - 2014-09-21 18:07 - 29055820 _____ () C:\Users\Dominic\Desktop\Groove Me Solostelle + Ende.wav
2014-09-21 17:59 - 2014-09-25 22:00 - 00000000 ____D () C:\ProgramData\Skype
2014-09-21 17:59 - 2014-09-25 21:55 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\Skype
2014-09-21 17:59 - 2014-09-21 17:59 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Skype
2014-09-21 17:58 - 2014-09-21 17:58 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\TuneUp Software
2014-09-21 17:58 - 2014-09-21 17:58 - 00000000 ____D () C:\Users\Dominic\AppData\Local\TuneUp Software
2014-09-21 17:57 - 2014-09-22 14:40 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-21 17:57 - 2014-09-21 17:57 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-21 17:57 - 2014-09-21 17:57 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Smartbar
2014-09-21 17:57 - 2014-09-21 17:57 - 00000000 ____D () C:\Users\Dominic\AppData\Local\LPT
2014-09-21 17:56 - 2014-09-21 17:58 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\RHEng
2014-09-21 17:56 - 2014-09-21 17:56 - 00001465 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-09-21 17:56 - 2014-09-21 17:56 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\OpenCandy
2014-09-21 17:56 - 2014-09-21 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 17:56 - 2014-09-21 17:56 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 17:55 - 2014-09-21 17:56 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\DVDVideoSoft
2014-09-21 17:54 - 2014-09-21 17:54 - 30229480 _____ (DVDVideoSoft Ltd. ) C:\Users\Dominic\Downloads\FreeAudioConverter.exe
2014-09-21 17:51 - 2014-09-21 17:51 - 09636928 _____ () C:\Users\Dominic\Downloads\reaper473_x64-install.exe
2014-09-18 19:17 - 2014-09-18 19:17 - 00000000 ____D () C:\Users\Dominic\Desktop\Steckermeier
2014-09-18 19:15 - 2014-09-18 19:16 - 23205935 _____ () C:\Users\Dominic\Downloads\order.zip
2014-09-17 23:02 - 2014-09-17 23:02 - 00000916 _____ () C:\Users\Dominic\Desktop\Titelsong-Deutsch.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 23:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-16 18:07 - 2014-07-30 14:36 - 02041834 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 17:58 - 2014-03-18 20:50 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 11:07 - 2014-09-03 16:04 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3570546844-1593422857-3585846590-1001
2014-10-16 10:59 - 2014-09-03 22:26 - 00000000 ___RD () C:\Users\Dominic\Google Drive
2014-10-16 10:58 - 2014-09-03 16:18 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-16 10:58 - 2014-09-03 16:01 - 00000000 ___DO () C:\Users\Dominic\OneDrive
2014-10-16 10:58 - 2014-03-18 20:50 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-15 23:05 - 2014-09-03 16:02 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F978EA7-7ADD-40F6-9608-3F1E328CC719}
2014-10-15 15:43 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-14 15:12 - 2014-09-03 16:09 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 15:12 - 2014-09-03 16:06 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 15:12 - 2014-09-03 16:06 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-12 10:57 - 2014-03-18 19:09 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-12 10:57 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-10-12 10:57 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-10-12 10:53 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-11 15:50 - 2014-03-19 02:57 - 00148286 _____ () C:\Windows\PFRO.log
2014-10-11 15:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-09 21:47 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-25 22:02 - 2014-09-03 22:33 - 00000000 ___RD () C:\Users\Dominic\Desktop\Sonstige Verknüpfungen
2014-09-25 21:59 - 2014-09-04 16:23 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-09-24 16:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-24 15:34 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-24 14:24 - 2013-08-22 16:44 - 00338216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-23 13:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-23 13:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 13:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 13:53 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-23 13:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-23 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-23 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-23 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-23 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-23 13:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-21 19:01 - 2014-09-03 15:58 - 00000000 ____D () C:\Users\Dominic\AppData\Local\VirtualStore
2014-09-21 18:06 - 2014-09-03 16:51 - 00000000 ____D () C:\Users\Dominic\Documents\REAPER Media
2014-09-21 18:05 - 2014-09-03 16:50 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\REAPER
2014-09-21 17:51 - 2014-09-03 16:49 - 00000851 _____ () C:\Users\Public\Desktop\REAPER (x64).lnk
2014-09-21 17:51 - 2014-09-03 16:49 - 00000000 ____D () C:\Program Files\REAPER (x64)
2014-09-16 15:30 - 2014-09-03 19:37 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\Apple Computer
2014-09-16 15:29 - 2014-09-03 19:37 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Apple Computer
Some content of TEMP:
====================
C:\Users\Dominic\AppData\Local\Temp\55su2zv2.dll
C:\Users\Dominic\AppData\Local\Temp\ACLE18.dll
C:\Users\Dominic\AppData\Local\Temp\avgnt.exe
C:\Users\Dominic\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Dominic\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Dominic\AppData\Local\Temp\OnlineBackup.exe
C:\Users\Dominic\AppData\Local\Temp\pmIB3.exe
C:\Users\Dominic\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Dominic\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Dominic\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dominic\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Dominic\AppData\Local\Temp\vhpE7.dll
C:\Users\Dominic\AppData\Local\Temp\vhpE7.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-11 12:01
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Dominic at 2014-10-16 23:51:08
Running from C:\Users\Dominic\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Accelerated Video Transcoding (Version: 13.30.100.40404 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0404.1912.32634 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{F9626784-9EDD-32B3-3888-5A840B88DF23}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0404.1912.32634 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0404.1912.32634 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2014.0404.1912.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0404.1911.32634 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0404.1912.32634 - Advanced Micro Devices, Inc.) Hidden
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1321 - CyberLink Corp.)
CyberLink MediaStory (x32 Version: 1.0.1321 - CyberLink Corp.) Hidden
DTS Sound (HKLM-x32\...\{5B54DDC3-0ACC-4722-9C23-C3F07AF4825D}) (Version: 1.01.6600 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Free Audio Converter version 5.0.47.906 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.47.906 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.08.0000.1031 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.6.0.0128 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{96C730E4-F055-4118-BDF3-6E071763853C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.7.0.0297 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
K-Lite Codec Pack 10.6.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{61A09A66-D7E6-22EF-AF75-16D83ADE30E3}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
StormWatch (HKCU\...\StormWatch) (Version: 1.0.1.27 - StormWatch)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.6 - Synaptics Incorporated)
Torchlight II (HKLM-x32\...\{55F7D521-17CA-454D-9D4D-975EF2E10708}_is1) (Version: - White Rabbit Interactive)
TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 2.1.2.1 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.02.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{DF800E02-DCC0-424B-A126-5AE2E07B3DD4}) (Version: 1.2.2.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.6.02.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 4.06.000 - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 4.06.000 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.01.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.03.55065007 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.1 - Toshiba Europe GmbH)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
videos+Media+Players (HKLM-x32\...\videos+Media+Players) (Version: 1.35.9.29 - enter) <==== ATTENTION
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinMend Folder Hidden 1.5.1 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version: - WinMend.com)
Yahoo Community Smartbar (HKLM-x32\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {054BCBB3-1054-4733-A8C6-B8FA3073DB24} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-2 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-2.exe [2014-10-01] (enter) <==== ATTENTION
Task: {065FF797-6F8C-444E-A111-2382F1F30BB7} - System32\Tasks\b76acec1-8959-4c0b-a20c-adc5995fb977 => C:\Program Files (x86)\videos+Media+Players\b76acec1-8959-4c0b-a20c-adc5995fb977.exe [2014-10-01] (enter) <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0EF0429A-2046-4FBC-A2CB-4C2E2470E5A6} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {165CB7C9-BC89-4362-8991-37AD27F77C49} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-12-24] (Toshiba Europe GmbH)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {209ADA62-6711-409B-AC0F-3CA8D3A8D4F1} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {229656CA-8B60-4FDD-9349-7F9131A1399E} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11] (globalUpdate) <==== ATTENTION
Task: {24012888-364D-4DA3-B7FA-6C4D4A79CEB1} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5_user => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5.exe [2014-10-01] (enter) <==== ATTENTION
Task: {2433194C-2379-43DE-85F7-A908DD053DFF} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5.exe [2014-10-01] (enter) <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D8F863A-64B7-4651-A917-9A639484C359} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-12] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39095A1C-B328-4D5E-ABD9-2A6E7F5A8B90} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-6 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-6.exe
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {478DB1D0-85BA-4565-B5E0-FB483A0287F9} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F96D608-34D9-4CCD-81C9-E7B6B0A46701} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11] (globalUpdate) <==== ATTENTION
Task: {538C513F-2B56-4316-BD31-1B8A64AB35EC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {5A80DC55-9C43-4508-8C49-7BBC44FF2DB2} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-4 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-4.exe
Task: {5AF53F07-F8BE-4ADC-847B-CBCCEBC304FE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5B613E0F-1654-436F-8483-50746659C2DD} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {5EA1AF28-6C5F-44D2-AE35-A4A5562421F1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {62FBBAA9-8695-4F58-9779-33F20F81593B} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\JustCloud\Signup Wizard.exe
Task: {684FBD5D-1050-4E08-B42F-769BC0A0AF64} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {944B0AC3-1338-4997-94E5-E8E0461F9C11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-18] (Google Inc.)
Task: {9F2F5767-BD41-4CD7-BC63-2EAF31CC0FA6} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-09] (TOSHIBA Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B925BBD6-A10E-483E-BEF6-BCF1BCF3DE3D} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-11 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-11.exe
Task: {BD342E33-883F-4479-93C2-423ED0C5F28C} - System32\Tasks\ASFVTNV => C:\Users\Dominic\AppData\Roaming\ASFVTNV.exe <==== ATTENTION
Task: {BEF41D0F-091A-4986-8963-960DB06D188F} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-3 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-3.exe
Task: {CA44C527-D60C-4F9A-976F-E7A4F993CE0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-18] (Google Inc.)
Task: {CA82E62A-0742-4B36-98F5-56CB331ADD86} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E4E8B81A-6984-4C77-B9B3-A936F7D9F68B} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ED1A4BFE-3B1C-40AC-B672-F95915080618} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {ED9F7F66-001E-4075-A3B9-C918E58C8006} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-7 => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-7.exe
Task: {F171B7E5-8A97-4C18-9761-052D891D995C} - System32\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-1 => C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-codedownloader.exe [2014-10-01] (enter) <==== ATTENTION
Task: {F2F16A80-0908-4ECE-A4D5-97BC2CBD9E48} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {F3D96C0E-3AE9-442C-BBD2-E61EBCFBA1DE} - System32\Tasks\NWN => C:\Users\Dominic\AppData\Roaming\NWN.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\ASFVTNV.job => C:\Users\Dominic\AppData\Roaming\ASFVTNV.exe <==== ATTENTION
Task: C:\Windows\Tasks\b76acec1-8959-4c0b-a20c-adc5995fb977.job => C:\Program Files (x86)\videos+Media+Players\b76acec1-8959-4c0b-a20c-adc5995fb977.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-1.job => C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-codedownloader.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-11.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-11.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-2.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-2.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-3.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-3.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-4.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-4.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5_user.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-5.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-6.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-6.exe
Task: C:\Windows\Tasks\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-7.job => C:\Program Files (x86)\videos+Media+Players\e3dd4c80-5381-4170-b2b3-7749e4bfa4f1-7.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NWN.job => C:\Users\Dominic\AppData\Roaming\NWN.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2014-03-17 23:25 - 2014-03-17 23:25 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-10-01 20:45 - 2014-10-01 20:45 - 00071680 _____ () C:\Users\Dominic\AppData\Roaming\VOPackage\VOsrv.exe
2014-02-27 22:31 - 2014-02-27 22:31 - 00013312 _____ () C:\Windows\SysWOW64\SMITSC.exe
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-01 23:24 - 2013-08-01 23:24 - 00438112 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2014-10-05 17:42 - 2014-10-05 17:42 - 02072576 _____ () C:\Users\Dominic\AppData\Local\ConvertAd\ConvertAd.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-28 05:00 - 2014-08-28 05:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-28 05:00 - 2014-08-28 05:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-30 14:31 - 2013-12-10 00:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-16 10:58 - 2014-10-16 10:58 - 00098816 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32api.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00110080 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\pywintypes27.dll
2014-10-16 10:58 - 2014-10-16 10:58 - 00364544 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\pythoncom27.dll
2014-10-16 10:58 - 2014-10-16 10:58 - 00045568 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\_socket.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 01160704 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\_ssl.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00320512 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32com.shell.shell.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00713216 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\_hashlib.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 01175040 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._core_.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00805888 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._gdi_.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00811008 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._windows_.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 01062400 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._controls_.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00735232 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._misc_.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00128512 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\_elementtree.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00127488 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\pyexpat.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00557056 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\pysqlite2._sqlite.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00007168 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\hashobjs_ext.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00087552 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\_ctypes.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00119808 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32file.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00108544 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32security.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00018432 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32event.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00038912 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32inet.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00070656 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._html2.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00167936 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32gui.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00011264 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32crypt.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00027136 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\_multiprocessing.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00686080 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\unicodedata.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00122368 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._wizard.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00010240 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\select.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00024064 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32pipe.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00025600 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32pdh.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00525640 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\windows._lib_cacheinvalidation.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00035840 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32process.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00017408 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32profile.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00022528 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\win32ts.pyd
2014-10-16 10:58 - 2014-10-16 10:58 - 00078336 _____ () C:\Users\Dominic\AppData\Local\Temp\_MEI34762\wx._animate.pyd
2014-09-03 16:07 - 2014-08-28 05:00 - 00052472 _____ () C:\Users\Dominic\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-09-25 17:00 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 17:00 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 17:00 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 17:00 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 17:00 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Dominic:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Dominic\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Dominic\Cookies:gs5sys
AlternateDataStreams: C:\Users\Dominic\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Dominic\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Dominic\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Dominic\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Dominic\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Dominic\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Dominic\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Dominic\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Dominic\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3570546844-1593422857-3585846590-500 - Administrator - Disabled)
Dominic (S-1-5-21-3570546844-1593422857-3585846590-1001 - Administrator - Enabled) => C:\Users\Dominic
Gast (S-1-5-21-3570546844-1593422857-3585846590-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/16/2014 06:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250
Error: (10/16/2014 06:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250
Error: (10/16/2014 06:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 05:11:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7360
Error: (10/16/2014 05:11:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7360
Error: (10/16/2014 05:11:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 05:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6141
Error: (10/16/2014 05:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6141
Error: (10/16/2014 05:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 05:11:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4891
System errors:
=============
Error: (10/12/2014 08:34:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Computer Backup (JustCloud)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/12/2014 10:52:50 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841122688
Error: (10/12/2014 10:53:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 11.10.2014 um 15:50:50 unerwartet heruntergefahren.
Error: (10/11/2014 03:49:44 PM) (Source: DCOM) (EventID: 10010) (User: CINIMOD)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (10/11/2014 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/11/2014 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/11/2014 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/11/2014 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/11/2014 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/11/2014 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/16/2014 06:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250
Error: (10/16/2014 06:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250
Error: (10/16/2014 06:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 05:11:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7360
Error: (10/16/2014 05:11:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7360
Error: (10/16/2014 05:11:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 05:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6141
Error: (10/16/2014 05:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6141
Error: (10/16/2014 05:11:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 05:11:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4891
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 34%
Total physical RAM: 8102.87 MB
Available physical RAM: 5328.89 MB
Total Pagefile: 9382.87 MB
Available Pagefile: 6108.35 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (TI31303200C) (Fixed) (Total:918.54 GB) (Free:831.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================ So hoffentlich passt das so. |