| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Adware.SpeedingUp Virus Werbebanner FirefoxWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
08.04.2015, 23:15
| #1 |
 |  Adware.SpeedingUp Virus Werbebanner Firefox Hallo lieber Trojaner-Boarder, das hier ist der dritte Anlauf diesen Thread zu eröffnen, wenn ich nun wieder alles umsonst tippe und kopiere wird auch meine sehr ergiebige Geduld langsam knapp.  Vorneweg, ich habe wenig bis keine Erfahrung/Ahnung mit/von logfiles und deren Auswertung, von daher bitte ich bei Hilfen/Anweisungen auf sehr detaillierte und einfach nachvillziehbare Schritte. Mich plagt ein Virus, welches bei jedem 2. Klick ein Werbefenster in einem extra tab öffnet. Diese schließen sich nach ein paar sekunden meist wieder (vermute wegen meinem aktiven AdBlockerPlus), in der Adresszeile kann ich meist "adserv" oder "axonan" erhaschen. Gelegentlich greift auch mein Avast ein und findet Bedrohungen auf diesen Seiten, weswegen ich momentan am Pc nichts mehr im Netz mache außer hier hoffentlich Hilfe zu bekommen. Zu Anfang habe ich die Schwere der Infektion nicht erkannt, habe lediglich begonnen mir unbekannte und neu aus dem nichts installierte Programme (war sowas wie SystemProBoost Pimp up) über die Systemsteuerung gelöscht. Die popups haben aber nicht aufgehört, im Gegenteil, sie wurden eher mehr. Firefox zurücksetzen brachte keinen Effekt. In anbrechender Verzweiflung habe ich dann einen "Reparierer" namens Reimage heruntergeladen, der nach seinem Scan bezahlt werden wollte, bevor er die Probleme löst. War echt hartnäckig und wollte sich nicht so einfach deinstallieren lassen. Immerhin hat er mir gezeigt, dass mein schädlichster Virus im System ein "Variant of Adware.SpeedingUp" sei. Über dieses Virus gab es wohl schon einige Threads hier, deswegen hoffe ich auf sichere Abhilfe. Hier, was die Befolgung der ersten Schritte ergeben hat: defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:48 on 08/04/2015 (User)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by User (administrator) on USER-PC on 08-04-2015 22:50:17
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available profiles: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
() C:\ProgramData\eazyzoom\1.1.0.30\jhrywac.exe
() C:\ProgramData\eazyzoom\1.1.0.30\jhryaac.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PC Utilities Software Limited) C:\ProgramData\{559aac06-3e54-c069-559a-aac063e5b018}\hqghumeaylnlf.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\ProgramData\eazyzoom\1.1.0.30\jhry6ac.exe
() C:\ProgramData\eazyzoom\1.1.0.30\jhry3ac.exe
() C:\ProgramData\eazyzoom\1.1.0.30\jhrydac.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) D:\Programme\firefox.exe
(Mozilla Corporation) D:\Programme\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(GameRanger Technologies) C:\Users\User\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Users\User\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775072 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2101032 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-19] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6868280 2012-05-21] (Logitech Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] => C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [778592 2010-04-01] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] => c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167008 2010-02-04] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [3122528 2012-05-11] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-09] (AVAST Software)
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-27] (Spotify Ltd)
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-30] (Google Inc.)
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\...\Run: [DriverUpdaterPro] => C:\Program Files (x86)\oTweak\DriverUpdaterPro\DriverUpdaterPro.exe /ot /as /ss
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\...\MountPoints2: {aa66b0b6-9b5a-11e1-bad3-18f46afcfaa0} - E:\CD_Start.exe
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{559aac06-3e54-c069-559a-aac063e5b018}\hqghumeaylnlf.exe (PC Utilities Software Limited)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
CHR HKU\S-1-5-21-1326109875-696039885-1899394854-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58755;https=127.0.0.1:58755
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1326109875-696039885-1899394854-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
URLSearchHook: HKLM-x32 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
URLSearchHook: HKU\S-1-5-21-1326109875-696039885-1899394854-1000 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1326109875-696039885-1899394854-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1326109875-696039885-1899394854-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPDE6A0F4E-9DE7-4DCD-80F8-063D44DE57A8&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1326109875-696039885-1899394854-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1326109875-696039885-1899394854-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-09-08] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: No Name -> {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-08] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - No Name - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1326109875-696039885-1899394854-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rfo4snbm.default-1428334381312
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2012-06-10] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\windows\SysWOW64\npDeployJava1.dll [2012-05-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2012-06-10] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Extension: EazyZoom - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rfo4snbm.default-1428334381312\Extensions\ka@thsic.com [2015-04-08]
FF Extension: WEB.DE MailCheck - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rfo4snbm.default-1428334381312\Extensions\toolbar@web.de [2015-04-07]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rfo4snbm.default-1428334381312\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-28]
FF HKU\S-1-5-21-1326109875-696039885-1899394854-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-20]
StartMenuInternet: FIREFOX.EXE - D:\Programme\firefox.exe
Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.de_
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-20]
CHR Extension: (Quick start) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-22]
CHR HKU\S-1-5-21-1326109875-696039885-1899394854-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\User\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-07-05]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\User\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-07-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
Locked "isazpav" service could not be unlocked. <===== ATTENTION
Locked "jimshle" service could not be unlocked. <===== ATTENTION
Locked "tammgF119" service could not be unlocked. <===== ATTENTION
Locked "tammgR119" service could not be unlocked. <===== ATTENTION
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-08] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-09-08] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-01-12] (Broadcom Corporation.)
S4 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-15] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [575304 2009-11-17] (Lenovo Group Limited)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-15] (Lenovo Group Limited)
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-08] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-08] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-08] ()
R3 ATIAVPCI; C:\Windows\System32\DRIVERS\atinavrr.sys [1383680 2009-07-16] (ATI Technologies Inc.)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [File not signed]
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [56688 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31088 2010-02-05] (JMicron Technology Corp.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66328 2012-02-07] (Logitech Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R5 tammgF119; C:\Windows\System32\Drivers\tammgF119.sys [26760 2015-04-06] () [File not signed]
R5 tammgR119; C:\Windows\System32\Drivers\tammgR119.sys [26248 2015-04-06] () [File not signed]
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
U3 BcmSqlStartupSvc; No ImagePath
R3 cpuz134; \??\C:\Users\User\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
U2 RichVideo; No ImagePath
U3 SQLWriter; No ImagePath
S3 uxddrv; \??\E:\DIAGNOSE\WSTGER64\2PART\uxddrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-08 22:50 - 2015-04-08 22:50 - 00025988 _____ () C:\Users\User\Downloads\FRST.txt
2015-04-08 22:50 - 2015-04-08 22:50 - 00000000 ____D () C:\FRST
2015-04-08 22:49 - 2015-04-08 22:49 - 02095616 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-04-08 22:48 - 2015-04-08 22:48 - 00000470 _____ () C:\Users\User\Downloads\defogger_disable.log
2015-04-08 22:48 - 2015-04-08 22:48 - 00000000 _____ () C:\Users\User\defogger_reenable
2015-04-08 22:47 - 2015-04-08 22:47 - 00050477 _____ () C:\Users\User\Downloads\Defogger.exe
2015-04-08 22:16 - 2015-04-08 22:39 - 00000000 ____D () C:\Program Files\Reimage
2015-04-08 22:14 - 2015-04-08 22:18 - 00000158 _____ () C:\windows\Reimage.ini
2015-04-08 22:14 - 2015-04-08 22:14 - 00768512 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair.exe
2015-04-08 14:52 - 2015-04-08 14:52 - 00003202 _____ () C:\windows\System32\Tasks\avastBCLRestartS-1-5-21-1326109875-696039885-1899394854-1000
2015-04-07 16:20 - 2015-04-07 16:20 - 02876419 _____ () C:\windows\shost.bin
2015-04-06 17:33 - 2015-04-06 17:33 - 00000000 ____D () C:\Users\User\Desktop\Alte Firefox-Daten
2015-04-06 17:02 - 2015-04-06 17:02 - 00011076 _____ () C:\Users\User\Downloads\7C54E162B7FD6F2397B5500A18A326FF76ABD07B.torrent
2015-04-06 16:30 - 2015-04-06 16:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\Opera Software
2015-04-06 16:30 - 2015-04-06 16:31 - 00000000 ____D () C:\Users\User\AppData\Local\Opera Software
2015-04-06 16:25 - 2015-04-06 16:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-06 16:23 - 2015-04-06 16:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\00000000-1428330225-0000-0000-000000000000
2015-04-06 16:20 - 2015-04-06 16:20 - 00026760 _____ () C:\windows\system32\Drivers\tammgF119.sys
2015-04-06 16:20 - 2015-04-06 16:20 - 00026248 _____ () C:\windows\system32\Drivers\tammgR119.sys
2015-04-06 16:20 - 2015-04-06 16:20 - 00000000 ____D () C:\ProgramData\eazyzoom
2015-04-06 16:16 - 2015-04-06 16:16 - 01537552 _____ (Dummy, Ltd.) C:\Users\User\Downloads\warhammer chaos army book_10924_i50052832_il345.exe
2015-04-04 13:15 - 2015-04-04 13:16 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-04 13:15 - 2015-04-04 13:15 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-04-03 12:41 - 2015-04-07 10:36 - 00001996 _____ () C:\windows\PFRO.log
2015-04-02 21:07 - 2015-04-02 21:07 - 00034128 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-04-02 20:13 - 2015-04-02 20:13 - 00000000 ____D () C:\ProgramData\482632dc000026a9
2015-04-02 20:11 - 2015-04-02 20:11 - 00000000 ____D () C:\Users\User\Documents\Optimizer Pro
2015-04-02 20:10 - 2015-04-02 20:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\dlg
2015-04-02 20:05 - 2015-04-08 21:52 - 00000000 ____D () C:\ProgramData\{559aac06-3e54-c069-559a-aac063e5b018}
2015-04-02 20:05 - 2015-04-02 21:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Steganos VPN
2015-04-02 20:04 - 2015-04-02 21:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Steganos
2015-04-02 20:04 - 2015-04-02 21:22 - 00000000 ____D () C:\Program Files (x86)\OkayFreedom
2015-04-02 20:03 - 2015-04-02 20:03 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2015-03-31 17:16 - 2015-03-31 17:25 - 146348556 _____ () C:\Users\User\Downloads\Cult Classic Records - Cult Classic Records Present- Friends and Family.zip
2015-03-30 16:05 - 2015-03-30 16:08 - 00000000 ____D () C:\Users\User\Desktop\ebay
2015-03-26 14:43 - 2015-04-08 21:49 - 00002029 _____ () C:\windows\setupact.log
2015-03-26 14:43 - 2015-03-26 14:43 - 00000000 _____ () C:\windows\setuperr.log
2015-03-18 21:50 - 2015-03-18 23:32 - 00016384 _____ () C:\Users\User\Desktop\PrinceKoala.mp4.sfk
2015-03-12 12:59 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-12 12:59 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-12 12:59 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-12 12:59 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-12 12:59 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-12 12:59 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-12 12:59 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-12 12:59 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-12 12:59 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-12 12:59 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-11 18:29 - 2015-03-11 18:33 - 132569976 _____ () C:\Users\User\Downloads\WHTW.zip
2015-03-11 16:41 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 16:41 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 16:41 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 16:41 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 16:41 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-03-11 16:41 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-03-11 16:40 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 16:40 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-03-11 16:40 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 16:40 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-03-11 16:40 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 16:40 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 16:40 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 16:40 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 16:40 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 16:40 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 16:40 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 16:40 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 16:40 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 16:40 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 16:40 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-11 16:40 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-11 16:40 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-03-11 16:40 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-03-11 16:40 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-03-11 16:40 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-11 16:40 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-11 16:40 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-11 16:40 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-11 16:40 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-11 16:40 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 16:40 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 16:40 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 16:40 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-11 16:39 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 16:39 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 16:39 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 16:39 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 16:39 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 16:39 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 16:39 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 16:39 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 16:39 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-11 16:39 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-11 16:39 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-11 16:39 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-11 16:39 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-11 16:39 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-11 16:39 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-11 16:39 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 16:39 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 16:39 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-11 16:39 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 16:39 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-11 16:39 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-11 16:39 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-11 16:39 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-11 16:39 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 16:39 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-11 16:39 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 16:39 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 16:39 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 16:39 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 16:39 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 16:39 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 16:39 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 16:39 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 16:39 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 16:39 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 16:39 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 16:39 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 16:39 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 16:39 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 16:39 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:39 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-11 16:39 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 16:39 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:39 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-11 16:39 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 16:39 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-11 16:39 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-11 16:39 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:39 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 16:39 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-11 16:39 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-11 16:39 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-11 16:39 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-11 16:39 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-11 16:39 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-11 16:39 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 16:39 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 16:39 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 16:39 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 16:39 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 16:39 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:39 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-11 16:39 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-11 16:39 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 16:39 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-11 16:39 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-11 16:39 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-11 16:39 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 16:39 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 16:39 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-11 16:39 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-11 16:39 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-11 16:39 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-11 16:39 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 16:39 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 16:39 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-11 16:39 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 16:39 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 16:39 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:39 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-11 16:39 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 16:39 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 16:39 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-10 23:04 - 2015-03-10 23:04 - 02364621 _____ () C:\Users\User\Desktop\taowlogobase.xcf
2015-03-10 12:58 - 2015-03-10 13:33 - 00000000 ____D () C:\Users\User\Desktop\maxworx
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-08 22:48 - 2013-06-17 20:53 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-08 22:43 - 2012-05-15 15:28 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2015-04-08 22:40 - 2012-08-15 21:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2015-04-08 22:28 - 2012-07-04 00:41 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-04-08 22:09 - 2012-05-28 03:13 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-08 22:04 - 2012-05-28 03:13 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-08 22:03 - 2012-05-28 03:13 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-08 22:03 - 2012-05-16 17:56 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-08 21:58 - 2012-05-11 10:27 - 01094898 _____ () C:\windows\WindowsUpdate.log
2015-04-08 21:56 - 2009-07-14 06:45 - 00027088 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-08 21:56 - 2009-07-14 06:45 - 00027088 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-08 21:52 - 2012-05-11 11:14 - 00000000 ____D () C:\ProgramData\VeriFace
2015-04-08 21:51 - 2013-06-17 20:53 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-08 21:50 - 2012-05-11 11:20 - 09637823 _____ () C:\FaceProv.log
2015-04-08 21:50 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-07 19:15 - 2012-05-15 15:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-04-06 17:11 - 2012-10-03 12:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2015-04-06 17:02 - 2012-05-27 11:06 - 00000000 ____D () C:\Users\User\Desktop\Games
2015-04-06 17:01 - 2012-05-15 15:28 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2015-04-06 16:31 - 2012-05-11 12:33 - 00001421 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-06 16:06 - 2012-12-24 12:06 - 00000000 ____D () C:\Users\User\Documents\My Games
2015-04-06 14:26 - 2012-05-11 18:11 - 00699682 _____ () C:\windows\system32\perfh007.dat
2015-04-06 14:26 - 2012-05-11 18:11 - 00149790 _____ () C:\windows\system32\perfc007.dat
2015-04-06 14:26 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-05 13:05 - 2012-05-15 15:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-03 12:42 - 2009-07-14 06:45 - 00293528 _____ () C:\windows\system32\FNTCACHE.DAT
2015-04-03 01:52 - 2012-05-11 12:33 - 00068376 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-02 21:20 - 2015-03-03 00:49 - 00000000 ____D () C:\Users\User\Desktop\GiMP stuff
2015-04-02 21:07 - 2013-11-30 19:25 - 00000000 ____D () C:\Users\User\AppData\Local\gtk-2.0
2015-04-02 21:07 - 2013-11-30 19:16 - 00000000 ____D () C:\Users\User\.gimp-2.8
2015-04-02 19:50 - 2013-12-20 20:57 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-23 17:12 - 2012-06-07 18:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Spotify
2015-03-23 16:44 - 2012-06-07 18:21 - 00000000 ____D () C:\Users\User\AppData\Local\Spotify
2015-03-20 16:13 - 2009-07-14 07:08 - 00032640 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-18 21:49 - 2012-12-24 22:57 - 00000000 ____D () C:\Users\User\Documents\Vegas Movie Studio HD Platinum 11.0 Projekte
2015-03-18 13:30 - 2013-05-19 18:18 - 00000000 ____D () C:\Users\User\Desktop\alles
2015-03-14 02:46 - 2012-09-26 19:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2015-03-12 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-03-12 12:44 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-12 12:44 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\Dism
==================== Files in the root of some directories =======
2013-03-30 17:25 - 2012-10-23 11:59 - 0060816 _____ () C:\Program Files (x86)\EULA.eng
2015-04-02 21:07 - 2015-04-02 21:07 - 0034128 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2012-06-10 10:05 - 2013-10-28 22:22 - 0007595 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\optprosetup.exe
C:\Users\User\AppData\Local\Temp\ReimagePackage.exe
C:\Users\User\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\User\AppData\Local\Temp\somoto_A Charming Font_1.0.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-04 12:42
==================== End Of Log ============================
|
| Themen zu Adware.SpeedingUp Virus Werbebanner Firefox |
| adobe, adware.speedingup, antivirus, browser, defender, desktop, firefox, flash player, google, home, homepage, langsam, launch, mozilla, popups, realtek, registry, rundll, scan, security, sekunden, services.exe, software, svchost.exe, virus, werbefenster, windows |
Baum-Darstellung