Plagegeister aller Art und deren Bekämpfung: "Yahoo Community Smartbar Engine" lässt sich nicht entfernen
"Yahoo Community Smartbar Engine" lässt sich nicht entfernen Dann bitte ein frisches FRST Logfile.
"Yahoo Community Smartbar Engine" lässt sich nicht entfernenFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014 Ran by Ich (administrator) on ICH-PC on 09-09-2014 15:36:04 Running from C:\Users\Ich\Desktop Platform: Microsoft® Windows Vista™ Home Premium (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.) HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG) HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation) HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] () HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-06-12] (CyberGhost S.R.L.) HKU\S-1-5-21-3325081473-2881869368-4166051970-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=;ftp=;https=; HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default FF NewTab: www.google.de FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23] FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05] FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28] FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12] FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22] FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28] FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed] R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed] R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG) R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed] S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.) R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-09 15:36 - 2014-09-09 15:36 - 00014209 _____ () C:\Users\Ich\Desktop\FRST.txt 2014-09-09 15:35 - 2014-09-09 15:35 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion 2014-09-05 20:41 - 2014-09-05 20:42 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost 2014-09-05 20:40 - 2014-09-05 20:41 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-09-05 20:40 - 2014-09-05 20:40 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk 2014-09-05 20:40 - 2014-09-05 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-09-05 16:58 - 2014-09-05 16:58 - 00004343 _____ () C:\Windows\system32\jupdate-1.7.0_67-b01.log 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-09-05 16:58 - 2014-07-25 12:55 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-09-05 16:58 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-09-05 16:58 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-09-05 16:58 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-09-04 21:58 - 2013-06-21 09:16 - 304039822 _____ () C:\Users\Ich\Desktop\[AKA] One Piece 590[x264,720p][Hi10P][B31241A3].mp4 2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe 2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office 2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT 2014-09-03 13:48 - 2014-09-03 13:49 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe 2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt 2014-09-02 20:00 - 2014-09-02 20:10 - 00000000 ____D () C:\ComboFix 2014-09-02 19:31 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-09-02 19:31 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-09-02 19:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-09-02 19:30 - 2014-09-02 20:10 - 00000000 ____D () C:\Qoobox 2014-09-02 19:30 - 2014-09-02 19:47 - 00000000 ____D () C:\Windows\erdnt 2014-09-02 15:33 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-08-31 19:31 - 2014-09-09 15:36 - 00000000 ____D () C:\FRST 2014-08-30 03:22 - 2014-09-09 15:35 - 01097728 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe 2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll 2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help 2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml 2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini 2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb 2014-08-28 04:06 - 2014-09-03 14:26 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar 2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb 2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe 2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log 2014-08-27 16:23 - 2014-09-05 20:41 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini 2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll 2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll 2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo 2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice 2014-08-21 17:41 - 2014-09-08 00:01 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe 2014-08-19 18:14 - 2014-08-19 18:14 - 00000104 _____ () C:\Users\Ich\Spiele - Verknüpfung.lnk 2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-09 15:36 - 2014-09-09 15:36 - 00014209 _____ () C:\Users\Ich\Desktop\FRST.txt 2014-09-09 15:36 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST 2014-09-09 15:35 - 2014-09-09 15:35 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion 2014-09-09 15:35 - 2014-08-30 03:22 - 01097728 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe 2014-09-09 15:35 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-09 15:32 - 2006-11-02 14:52 - 01910035 _____ () C:\Windows\WindowsUpdate.log 2014-09-09 15:30 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-09 15:27 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-09 15:27 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-09 15:27 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-09 00:45 - 2006-11-02 15:01 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-09 00:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-09 00:33 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp 2014-09-09 00:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-08 19:54 - 2012-10-06 03:59 - 00121344 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-08 00:01 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe 2014-09-07 23:54 - 2013-08-22 19:03 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-09-07 23:54 - 2013-08-22 19:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-09-06 05:34 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc 2014-09-05 20:42 - 2014-09-05 20:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost 2014-09-05 20:41 - 2014-09-05 20:40 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-09-05 20:41 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-09-05 20:40 - 2014-09-05 20:40 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk 2014-09-05 20:40 - 2014-09-05 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-09-05 17:27 - 2012-10-05 21:12 - 00000000 ____D () C:\Users\Ich 2014-09-05 16:58 - 2014-09-05 16:58 - 00004343 _____ () C:\Windows\system32\jupdate-1.7.0_67-b01.log 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-09-05 16:58 - 2013-08-14 19:50 - 00000000 ____D () C:\Program Files\Java 2014-09-05 15:52 - 2012-10-06 04:20 - 00084120 _____ () C:\Windows\PFRO.log 2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe 2014-09-03 21:03 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag 2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office 2014-09-03 19:40 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT 2014-09-03 14:26 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar 2014-09-03 13:49 - 2014-09-03 13:48 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe 2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt 2014-09-02 20:10 - 2014-09-02 20:00 - 00000000 ____D () C:\ComboFix 2014-09-02 20:10 - 2014-09-02 19:30 - 00000000 ____D () C:\Qoobox 2014-09-02 20:08 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini 2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default 2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public 2014-09-02 19:47 - 2014-09-02 19:30 - 00000000 ____D () C:\Windows\erdnt 2014-09-02 19:42 - 2006-11-02 12:22 - 38010880 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\COMPON~1.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad 2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew 2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild 2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System 2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help 2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml 2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL 2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL 2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini 2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb 2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb 2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE 2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log 2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini 2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll 2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll 2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo 2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice 2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte 2014-08-19 18:14 - 2014-08-19 18:14 - 00000104 _____ () C:\Users\Ich\Spiele - Verknüpfung.lnk 2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA 2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe Some content of TEMP: ==================== C:\Users\Ich\AppData\Local\temp\avgnt.exe C:\Users\Ich\AppData\Local\temp\jre-7u67-windows-i586-iftw.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-09 15:36 ==================== End Of Log ============================ |
"Yahoo Community Smartbar Engine" lässt sich nicht entfernenZitat:
"Yahoo Community Smartbar Engine" lässt sich nicht entfernen Service Pack ist jetzt installiert. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014 Ran by Ich (administrator) on ICH-PC on 10-09-2014 22:48:07 Running from C:\Users\Ich\Desktop Platform: Microsoft® Windows Vista™ Home Premium (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe () C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe (CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.) HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG) HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation) HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] () HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-06-12] (CyberGhost S.R.L.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=;ftp=;https=; HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default FF NewTab: www.google.de FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23] FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05] FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28] FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12] FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22] FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28] FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed] R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed] R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG) R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed] S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.) R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-10 22:48 - 2014-09-10 22:48 - 00013948 _____ () C:\Users\Ich\Desktop\FRST.txt 2014-09-09 15:35 - 2014-09-09 15:35 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion 2014-09-05 20:41 - 2014-09-05 20:42 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost 2014-09-05 20:40 - 2014-09-05 20:41 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-09-05 20:40 - 2014-09-05 20:40 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk 2014-09-05 20:40 - 2014-09-05 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-09-05 16:58 - 2014-09-05 16:58 - 00004343 _____ () C:\Windows\system32\jupdate-1.7.0_67-b01.log 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-09-05 16:58 - 2014-07-25 12:55 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-09-05 16:58 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-09-05 16:58 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-09-05 16:58 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-09-04 21:58 - 2013-06-21 09:16 - 304039822 _____ () C:\Users\Ich\Desktop\[AKA] One Piece 590[x264,720p][Hi10P][B31241A3].mp4 2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe 2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office 2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT 2014-09-03 13:48 - 2014-09-03 13:49 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe 2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt 2014-09-02 20:00 - 2014-09-02 20:10 - 00000000 ____D () C:\ComboFix 2014-09-02 19:31 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-09-02 19:31 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-09-02 19:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-09-02 19:31 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-09-02 19:30 - 2014-09-02 20:10 - 00000000 ____D () C:\Qoobox 2014-09-02 19:30 - 2014-09-02 19:47 - 00000000 ____D () C:\Windows\erdnt 2014-09-02 15:33 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-08-31 19:31 - 2014-09-10 22:48 - 00000000 ____D () C:\FRST 2014-08-30 03:22 - 2014-09-09 15:35 - 01097728 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe 2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll 2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help 2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml 2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini 2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb 2014-08-28 04:06 - 2014-09-03 14:26 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar 2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb 2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe 2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log 2014-08-27 16:23 - 2014-09-05 20:41 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini 2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll 2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll 2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo 2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice 2014-08-21 17:41 - 2014-09-08 00:01 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe 2014-08-19 18:14 - 2014-08-19 18:14 - 00000104 _____ () C:\Users\Ich\Spiele - Verknüpfung.lnk 2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-10 22:48 - 2014-09-10 22:48 - 00013948 _____ () C:\Users\Ich\Desktop\FRST.txt 2014-09-10 22:48 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST 2014-09-10 22:47 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-10 22:46 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-10 22:46 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-10 22:46 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-10 16:09 - 2006-11-02 15:01 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-10 16:09 - 2006-11-02 14:52 - 02001643 _____ () C:\Windows\WindowsUpdate.log 2014-09-10 15:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-10 15:18 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-10 15:05 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-10 15:01 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp 2014-09-10 00:27 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-10 00:23 - 2006-11-02 12:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-09-09 15:35 - 2014-09-09 15:35 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion 2014-09-09 15:35 - 2014-08-30 03:22 - 01097728 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe 2014-09-08 19:54 - 2012-10-06 03:59 - 00121344 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-08 00:01 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe 2014-09-07 23:54 - 2013-08-22 19:03 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-09-07 23:54 - 2013-08-22 19:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-09-06 05:34 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc 2014-09-05 20:42 - 2014-09-05 20:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost 2014-09-05 20:41 - 2014-09-05 20:40 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-09-05 20:41 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-09-05 20:40 - 2014-09-05 20:40 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk 2014-09-05 20:40 - 2014-09-05 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-09-05 17:27 - 2012-10-05 21:12 - 00000000 ____D () C:\Users\Ich 2014-09-05 16:58 - 2014-09-05 16:58 - 00004343 _____ () C:\Windows\system32\jupdate-1.7.0_67-b01.log 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-05 16:58 - 2014-09-05 16:58 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-09-05 16:58 - 2013-08-14 19:50 - 00000000 ____D () C:\Program Files\Java 2014-09-05 15:52 - 2012-10-06 04:20 - 00084120 _____ () C:\Windows\PFRO.log 2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe 2014-09-03 21:03 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag 2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office 2014-09-03 19:40 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT 2014-09-03 14:26 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar 2014-09-03 13:49 - 2014-09-03 13:48 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe 2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt 2014-09-02 20:10 - 2014-09-02 20:00 - 00000000 ____D () C:\ComboFix 2014-09-02 20:10 - 2014-09-02 19:30 - 00000000 ____D () C:\Qoobox 2014-09-02 20:08 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini 2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default 2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public 2014-09-02 19:47 - 2014-09-02 19:30 - 00000000 ____D () C:\Windows\erdnt 2014-09-02 19:42 - 2006-11-02 12:22 - 38010880 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\COMPON~1.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad 2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew 2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild 2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System 2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache 2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help 2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml 2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL 2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL 2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini 2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb 2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb 2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE 2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log 2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini 2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll 2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll 2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo 2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice 2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte 2014-08-19 18:14 - 2014-08-19 18:14 - 00000104 _____ () C:\Users\Ich\Spiele - Verknüpfung.lnk 2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA Some content of TEMP: ==================== C:\Users\Ich\AppData\Local\temp\avgnt.exe C:\Users\Ich\AppData\Local\temp\jre-7u67-windows-i586-iftw.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-10 15:05 ==================== End Of Log ============================ |
"Yahoo Community Smartbar Engine" lässt sich nicht entfernen Laut Log fehlt es immer noch. Hast du jetzt Servicepack 1 und 2 installiert?
gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!
"Yahoo Community Smartbar Engine" lässt sich nicht entfernen Immer wenn ich auf Windows update geh steht da Update ( Windows Service Pack ) installieren. Ich installiere es dann, aber wenn ich dann nach neuen Updates such findet er wieder nur Diesen Service Pack 1. Hab ihn jetzt mittlerweile schon 6 mal installiert.
"Yahoo Community Smartbar Engine" lässt sich nicht entfernen Lade dir das Servicepack als Offline Installer und installiere es dann.
gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!
"Yahoo Community Smartbar Engine" lässt sich nicht entfernen Beide Packs sollten jetzt installiert sein. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014 (ATTENTION: ====> FRST version is 9 days old and could be outdated) Ran by Ich (administrator) on ICH-PC on 16-09-2014 17:25:41 Running from C:\Users\Ich\Desktop Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Microsoft Corporation) C:\Windows\System32\userinit.exe (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe () C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe (CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.) HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG) HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation) HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] () HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-06-12] (CyberGhost S.R.L.) HKU\S-1-5-21-3325081473-2881869368-4166051970-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=;ftp=;https=; HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default FF NewTab: www.google.de FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-09-15] FF Extension: ProxTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de.xpi [2014-09-10] FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28] FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12] FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22] FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28] FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed] R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed] R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG) R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed] S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.) R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-16 17:25 - 2014-09-16 17:25 - 00014430 _____ () C:\Users\Ich\Desktop\FRST.txt 2014-09-16 17:05 - 2014-09-16 17:06 - 00000000 ____D () C:\Windows\system32\eu-ES 2014-09-16 17:05 - 2014-09-16 17:06 - 00000000 ____D () C:\Windows\system32\ca-ES 2014-09-16 17:05 - 2014-09-16 17:05 - 00000000 ____D () C:\Windows\system32\vi-VN 2014-09-16 17:04 - 2014-09-16 17:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf 2014-09-16 17:03 - 2014-09-16 17:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2014-09-16 16:59 - 2014-09-16 16:59 - 00000000 ____D () C:\Windows\system32\SPReview 2014-09-16 16:49 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll 2014-09-16 16:49 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe 2014-09-16 16:48 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-09-16 16:48 - 2009-04-10 23:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-09-16 16:48 - 2009-04-10 23:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL 2014-09-16 16:48 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys 2014-09-16 16:48 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys 2014-09-16 16:48 - 2009-04-10 23:28 - 11584000 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-09-16 16:48 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2014-09-16 16:48 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL 2014-09-16 16:48 - 2009-04-10 23:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00117248 _____ () C:\Windows\system32\EhStorAuthn.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-09-16 16:48 - 2009-04-10 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll 2014-09-16 16:48 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll 2014-09-16 16:48 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 01202168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-09-16 16:48 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2014-09-16 16:48 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2014-09-16 16:48 - 2009-04-10 23:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2014-09-16 16:48 - 2009-04-10 23:27 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2014-09-16 16:48 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2014-09-16 16:48 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2014-09-16 16:48 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2014-09-16 16:48 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2014-09-16 16:48 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe 2014-09-16 16:48 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe 2014-09-16 16:48 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2014-09-16 16:48 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime 2014-09-16 16:48 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2014-09-16 16:48 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2014-09-16 16:48 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2014-09-16 16:48 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2014-09-16 16:48 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll 2014-09-16 16:48 - 2009-04-10 23:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-09-16 16:48 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2014-09-16 16:48 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll 2014-09-16 16:48 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll 2014-09-16 16:48 - 2009-04-10 21:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-09-16 16:48 - 2009-04-10 21:48 - 00344698 _____ () C:\Windows\system32\eaphost.tmf 2014-09-16 16:48 - 2009-04-10 21:47 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-09-16 16:48 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys 2014-09-16 16:48 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys 2014-09-16 16:48 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-09-16 16:48 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2014-09-16 16:48 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys 2014-09-16 16:48 - 2009-04-10 21:43 - 00442788 _____ () C:\Windows\system32\dot3.tmf 2014-09-16 16:48 - 2009-04-10 21:43 - 00392170 _____ () C:\Windows\system32\onex.tmf 2014-09-16 16:48 - 2009-04-10 21:43 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2014-09-16 16:48 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2014-09-16 16:48 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-09-16 16:48 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-09-16 16:48 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-09-16 16:48 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2014-09-16 16:48 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2014-09-16 16:48 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-09-16 16:48 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2014-09-16 16:48 - 2009-04-10 21:23 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-09-16 16:48 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys 2014-09-16 16:48 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2014-09-16 16:48 - 2009-04-10 21:14 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2014-09-16 16:48 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2014-09-16 16:48 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2014-09-16 16:48 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2014-09-16 16:48 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-09-16 16:48 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-09-16 16:48 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-09-16 16:48 - 2009-02-19 17:20 - 00009212 _____ () C:\Windows\system32\RacUR.xml 2014-09-16 16:48 - 2009-02-18 11:43 - 00000153 _____ () C:\Windows\system32\RacUREx.xml 2014-09-16 16:48 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2014-09-16 16:48 - 2009-02-18 11:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-09-16 16:47 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-09-16 16:47 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-09-16 16:47 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2014-09-16 16:47 - 2009-04-10 23:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys 2014-09-16 16:47 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2014-09-16 16:47 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2014-09-16 16:47 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe 2014-09-16 16:47 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01695232 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2014-09-16 16:47 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2014-09-16 16:47 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe 2014-09-16 16:47 - 2009-04-10 23:28 - 01135104 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2014-09-16 16:47 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2014-09-16 16:47 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00852992 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-09-16 16:47 - 2009-04-10 23:28 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2014-09-16 16:47 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe 2014-09-16 16:47 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL 2014-09-16 16:47 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-09-16 16:47 - 2009-04-10 23:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-09-16 16:47 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll 2014-09-16 16:47 - 2009-04-10 23:28 - ![]() | #25 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() "Yahoo Community Smartbar Engine" lässt sich nicht entfernen Fertig ![]() Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun ![]() Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #26 |
![]() | ![]() "Yahoo Community Smartbar Engine" lässt sich nicht entfernen Gibt es hier jemand der wirklich helfen kann? |
![]() | #27 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() "Yahoo Community Smartbar Engine" lässt sich nicht entfernen Anstatt so Fragen zu stellen wäre es vllt angebrachter einfach mal zu sagen was du noch an Problemen hast.....
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #28 |
![]() | ![]() "Yahoo Community Smartbar Engine" lässt sich nicht entfernen Alles bereits in den beiträgen geschrieben. Pc ist jetzt sehr langsam. Plugincontainer funktioniert dauernd nicht mehr. |
![]() | #29 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() "Yahoo Community Smartbar Engine" lässt sich nicht entfernen Kein Malwareproblem.
![]() Wenn das nicht tut brauchen wir die Windows-Scheibe.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() |
Themen zu "Yahoo Community Smartbar Engine" lässt sich nicht entfernen |
community, deinstalliere, deinstallieren, entferne, entfernen, explorer, geholfen, interne, internet, internet explorer, lässt sich nicht entfernen, maleware, msil/toolbar.linkury.g, smartbar, spyhunter, spyhunter entfernen, virus, win32/smartfileadvisor.a, win32/toolbar.conduit, win32/winloadsda.e, yahoo, yahoo community smartbar |