Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Win 7: istartsurf eingefangen/updates gehen nirgends mehr

Win 7: istartsurf eingefangen/updates gehen nirgends mehr


Log-Analyse und Auswertung: Win 7: istartsurf eingefangen/updates gehen nirgends mehr

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 06.06.2015, 12:07   #1
LeBlubb
 
Win 7: istartsurf eingefangen/updates gehen nirgends mehr - Standard

Win 7: istartsurf eingefangen/updates gehen nirgends mehr


Moinsen.
ich hab mir dieses lästige Programm istatsurf irgendwie eingefangen. mitsamt ner ganzen anhängerschaft adwares etc.
die sind aber schon entfernt, nur das istartsurf selber habe ich noch nich gefunden und ich bin mir nicht sicher ob es ganz weg ist, zumal seitdem keinerleid updates mehr machen machen, bei allen programmen die automatische updates machen und dort mit ihren jeweiligen server verbinden wollen, melden, dass der host nicht erreichbar ist.
spybots hat nichts gefunden, ausser ein paar tracking cookies, google & co.
avast hat istartsurf als browsererweiterung (tollbarschutz) erkannt, ich habe die option gewählt dieses add-on zu entfernen.
wahrscheinlich wurde es auch entfernt (bin mir nich so ganz sicher), aber die einstellungen die dieses programm geändert hat nicht.
was habe ich sonst bisher gemacht:
ich habe firefox deinstalliert, sämtliche gespeicherten daten unter /benutzer/... manuell gelöscht und neuinstalliert. da läuft jetzt auch wieder alles.
danach im internet explorer istartsurf aus den einstellungen gelöscht (suche und startseite)
das problem mit dem avast updates habe ich versucht zu korrigieren, indem ich avast neuinstalliert hab. hat aber leider nichts gebracht, ausser dass die definitionsdatei jetzt noch n paar tage älter ist.
wär super wenn ihr mir da weiterhelfen könntet.

defogger_disable
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:33 on 06/06/2015 (Dolge)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
FRST
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Dolge (administrator) on DOLGE-PC on 06-06-2015 11:35:16
Running from C:\Users\Dolge\Downloads
Loaded Profiles: Dolge (Available Profiles: Dolge)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\Dolge\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Dolge\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\RunLegacyCPLElevated.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Realtek Camera Manager] => C:\Windows\system32\RunLegacyCPLElevated.exe shell32.dll,Control_RunDLL "C:\Windows\system32\Realtek Camera Manager.cpl"
HKLM-x32\...\Run: [SL-6481 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe [1976832 2014-06-21] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-06] (Avast Software s.r.o.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\b6dd1e85-e546-4a26-a272-a775eb0bf15c.exe [183232 2015-06-06] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-11-07] ()
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Dolge\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\RunOnce: [Adobe Speed Launcher] => 1433580674
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\Policies\Explorer: [Run] "C:\Users\Dolge\AppData\Roaming\Microsoft\Windows\IEUpdate\LocationNotifications.exe"
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\MountPoints2: {32209ca5-2757-11e2-bd8c-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\MountPoints2: {a07a7555-5441-11e4-a78f-bc5ff45ec1c4} - H:\setup.exe
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\...\MountPoints2: {bce7935f-2900-11e2-a70d-bc5ff4326929} - E:\setup.exe
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-06] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{6551de96-3d84-4073-9481-a02f40452d9d} <======= ATTENTION (Policy restriction on IP)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4011178475-394731722-3904193916-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4011178475-394731722-3904193916-1000 -> DefaultScope {86BC90EB-D1D5-40D4-9ED7-76A3617F0109} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4011178475-394731722-3904193916-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-4011178475-394731722-3904193916-1000 -> {86BC90EB-D1D5-40D4-9ED7-76A3617F0109} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-06] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1433445722&z=03b255d955116348128458eg8zccac3z3zdw8mbg8o&from=smt&uid=HitachiXHDS721050DLE630_MSE423RP1WHEPK1WHEPKX

FireFox:
========
FF ProfilePath: C:\Users\Dolge\AppData\Roaming\Mozilla\Firefox\Profiles\14bcrzmf.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-19] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nexon.co.jp/NxGame -> C:\ProgramData\NexonJP\NGM\npNxGameJP.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2013-12-11] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-07] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4011178475-394731722-3904193916-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dolge\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4011178475-394731722-3904193916-1000: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Dolge\AppData\Roaming\Mozilla\Plugins\NpFv530.dll No File
FF Plugin HKU\S-1-5-21-4011178475-394731722-3904193916-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-07] (Pando Networks)
FF Plugin HKU\S-1-5-21-4011178475-394731722-3904193916-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-01] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Dolge\AppData\Roaming\Mozilla\Firefox\Profiles\14bcrzmf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-06-06] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 BRSptSvc; "C:\ProgramData\BitRaider\BRSptSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-06] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-06] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-06] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-14] (Disc Soft Ltd)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8228240 2012-09-19] (Realtek Semiconductor Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-06-06] (Avast Software)
S3 BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys [X]
S3 BRDriver64_1_3_3_7ECFDFEA; \??\C:\ProgramData\BitRaider\support\1.3.3\7ECFDFEA\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 11:35 - 2015-06-06 11:35 - 00022822 _____ C:\Users\Dolge\Downloads\FRST.txt
2015-06-06 11:35 - 2015-06-06 11:35 - 00000000 ____D C:\FRST
2015-06-06 11:34 - 2015-06-06 11:34 - 02108928 _____ (Farbar) C:\Users\Dolge\Downloads\FRST64.exe
2015-06-06 11:33 - 2015-06-06 11:33 - 00000542 _____ C:\Users\Dolge\Downloads\defogger_disable.log
2015-06-06 11:33 - 2015-06-06 11:33 - 00000168 _____ C:\Users\Dolge\defogger_reenable
2015-06-06 11:32 - 2015-06-06 11:32 - 00050477 _____ C:\Users\Dolge\Downloads\Defogger.exe
2015-06-06 11:00 - 2015-06-06 11:00 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\AVAST Software
2015-06-06 10:59 - 2015-06-06 10:59 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-06 10:59 - 2015-06-06 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-06 10:58 - 2015-06-06 10:58 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-06 10:58 - 2015-06-06 10:57 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-06 10:58 - 2015-06-06 10:57 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-06 10:57 - 2015-06-06 10:57 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-06 10:57 - 2015-06-06 10:57 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-06-06 10:57 - 2015-06-06 10:57 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-06 10:55 - 2015-06-06 10:55 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\rnporqmj.sys
2015-06-06 10:51 - 2015-06-06 10:51 - 00000000 ____D C:\Users\Dolge\AppData\Local\LogMeIn
2015-06-06 10:41 - 2015-06-06 10:42 - 152923328 _____ (Avast Software s.r.o.) C:\Users\Dolge\Downloads\avast_free_antivirus_setup.exe
2015-06-06 02:48 - 2015-06-06 02:48 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-06 02:48 - 2015-06-06 02:48 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-06 02:48 - 2015-06-06 02:48 - 00000000 ____D C:\ProgramData\Mozilla
2015-06-06 02:47 - 2015-06-06 02:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-05 15:41 - 2015-06-05 15:41 - 00002112 _____ C:\Users\Dolge\Desktop\Firefox - CHIP Downloader.lnk
2015-06-05 01:32 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150605-013234.backup
2015-06-05 00:31 - 2015-06-05 01:24 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-05 00:31 - 2015-06-05 00:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-05 00:31 - 2015-06-05 00:31 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-06-05 00:31 - 2015-06-05 00:31 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-06-05 00:31 - 2015-06-05 00:31 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-05 00:31 - 2015-06-05 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-06-05 00:31 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-06-05 00:29 - 2015-06-05 00:29 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Dolge\Downloads\spybot-2.4.exe
2015-06-05 00:17 - 2015-06-05 00:17 - 00000000 _____ C:\autoexec.bat
2015-06-05 00:14 - 2015-06-05 00:15 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Dolge\Downloads\SpyHunter-Installer.exe
2015-06-04 21:53 - 2015-06-04 21:54 - 00000000 ____D C:\Users\Dolge\Zomboid
2015-06-04 21:50 - 2015-06-04 21:50 - 00000000 ____D C:\Users\Dolge\Downloads\Project.Zomboid.Build.32.3
2015-06-04 21:30 - 2015-06-04 21:44 - 562744975 ____R C:\Users\Dolge\Downloads\Project.Zomboid.Build.32.3.zip
2015-06-04 20:29 - 2015-06-04 20:29 - 00000000 ____D C:\Users\Dolge\Downloads\TownCraft.v2.1.6
2015-06-04 20:29 - 2015-06-04 20:29 - 00000000 ____D C:\Users\Dolge\AppData\Local\TownCraft
2015-06-04 20:25 - 2015-06-04 20:29 - 102086988 ____R C:\Users\Dolge\Downloads\TownCraft.v2.1.6.zip
2015-06-02 18:27 - 2015-06-06 02:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-29 00:33 - 2015-05-29 00:33 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-05-19 17:12 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-19 17:12 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 00:09 - 2015-05-16 00:10 - 04545280 _____ (Microsoft Corporation ) C:\Users\Dolge\Downloads\setup.exe
2015-05-15 23:22 - 2015-05-15 23:22 - 00000000 ____D C:\ProgramData\Stardock
2015-05-15 23:20 - 2015-05-15 23:20 - 00000831 _____ C:\Users\Dolge\Desktop\Galactic Civilizations III.lnk
2015-05-15 23:20 - 2015-05-15 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galactic Civilizations III
2015-05-15 19:43 - 2015-05-15 19:43 - 00001612 _____ C:\Users\Public\Desktop\Not A Hero.lnk
2015-05-15 18:44 - 2015-05-15 21:41 - 00000000 ____D C:\Users\Dolge\Documents\Windward
2015-05-15 18:41 - 2015-06-05 11:14 - 00000000 ____D C:\Program Files (x86)\Windward
2015-05-15 18:39 - 2015-05-15 20:01 - 00000000 ____D C:\Users\Dolge\Downloads\Galactic.Civilizations.III-CODEX
2015-05-15 18:36 - 2015-05-15 18:36 - 00000000 ____D C:\Users\Dolge\Downloads\Not a hero
2015-05-15 18:34 - 2015-06-05 12:27 - 00000000 ____D C:\Users\Dolge\Downloads\Windward
2015-05-13 04:39 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 04:39 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 04:39 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 04:39 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 04:39 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 04:39 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 04:39 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 04:39 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 04:39 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 04:39 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 04:39 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 04:39 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 04:39 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 04:39 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 04:39 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 04:39 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 04:39 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 04:39 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 04:39 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 04:39 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 04:39 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 04:39 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 04:39 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 04:39 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 04:39 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 04:39 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 04:39 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 04:39 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 04:39 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 04:39 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 04:39 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 04:39 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 04:39 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 04:39 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 04:39 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 04:39 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 04:39 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 04:39 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 04:38 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 04:38 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 04:38 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 04:38 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 04:38 - 2015-04-10 18:54 - 17881088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 04:38 - 2015-04-10 18:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 04:38 - 2015-04-10 18:43 - 10935808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 04:38 - 2015-04-10 18:43 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 04:38 - 2015-04-10 18:39 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 04:38 - 2015-04-10 18:39 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 04:38 - 2015-04-10 18:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 04:38 - 2015-04-10 18:37 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 04:38 - 2015-04-10 18:37 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 04:38 - 2015-04-10 18:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 04:38 - 2015-04-10 18:37 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 04:38 - 2015-04-10 18:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-13 04:38 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 04:38 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 04:38 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 04:38 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 04:38 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 04:38 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 04:38 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-13 04:38 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 04:38 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 04:38 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 04:38 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 04:38 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 04:38 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 04:38 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-13 04:38 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-13 04:38 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-13 04:37 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 04:37 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 04:37 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 11:33 - 2012-11-05 16:51 - 00000000 ____D C:\Users\Dolge
2015-06-06 11:31 - 2013-09-24 16:23 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-06 11:23 - 2012-11-07 20:52 - 00000000 ____D C:\Users\Dolge\AppData\Local\PMB Files
2015-06-06 11:22 - 2013-04-06 14:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 11:02 - 2009-07-14 06:45 - 00014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-06 11:02 - 2009-07-14 06:45 - 00014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-06 10:59 - 2012-11-05 16:46 - 01229595 _____ C:\Windows\WindowsUpdate.log
2015-06-06 10:55 - 2015-02-06 17:22 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\Raptr
2015-06-06 10:55 - 2012-11-07 19:01 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-06 10:52 - 2013-08-27 15:50 - 00000000 ____D C:\Users\Dolge\AppData\Local\LogMeIn Hamachi
2015-06-06 10:52 - 2012-11-08 20:01 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\Skype
2015-06-06 10:51 - 2015-03-23 19:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-06 10:50 - 2013-09-24 16:23 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-06 10:50 - 2012-11-07 19:29 - 01012680 _____ C:\Windows\PFRO.log
2015-06-06 10:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 10:50 - 2009-07-14 06:51 - 00035658 _____ C:\Windows\setupact.log
2015-06-06 10:49 - 2014-03-28 01:25 - 00000000 ____D C:\Program Files\GO2Bot
2015-06-06 10:27 - 2014-11-03 20:45 - 00000000 ____D C:\Users\Dolge\AppData\Local\Battle.net
2015-06-06 02:48 - 2012-11-07 18:34 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\Mozilla
2015-06-06 02:48 - 2012-11-07 18:34 - 00000000 ____D C:\Users\Dolge\AppData\Local\Mozilla
2015-06-05 21:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-05 15:09 - 2014-08-23 17:31 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 15:08 - 2013-02-20 16:56 - 00000000 ____D C:\Windows\SysWOW64\SupportAppCB
2015-06-05 15:08 - 2012-11-05 17:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-05 15:06 - 2015-02-27 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wolfman's missions
2015-06-05 14:52 - 2009-07-14 19:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-06-05 14:52 - 2009-07-14 19:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-06-05 14:52 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-05 14:41 - 2009-07-14 06:45 - 00274240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-05 14:40 - 2012-11-09 12:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-05 14:40 - 2012-11-09 12:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-05 00:14 - 2012-11-08 20:01 - 00000000 ____D C:\ProgramData\Skype
2015-06-05 00:07 - 2015-02-25 03:36 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\BitTorrent
2015-06-04 23:45 - 2013-04-06 14:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-04 23:45 - 2012-11-07 20:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-04 23:45 - 2012-11-07 20:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-04 23:39 - 2014-03-18 17:01 - 00000000 ____D C:\Program Files (x86)\GO2Bot
2015-06-04 21:24 - 2012-11-07 19:12 - 00000000 ____D C:\Games
2015-06-04 21:22 - 2014-12-06 15:46 - 00001053 _____ C:\Users\Dolge\Desktop\ Star Conflict Launcher.lnk
2015-06-04 21:22 - 2014-02-27 03:29 - 00001878 _____ C:\Users\Public\Desktop\WarThunder.lnk
2015-06-04 21:22 - 2012-11-05 16:51 - 00001745 _____ C:\Users\Dolge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-04 21:22 - 2012-11-05 16:51 - 00001723 _____ C:\Users\Dolge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-06-04 17:33 - 2014-06-29 13:04 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\Winamp
2015-06-04 01:58 - 2014-03-30 16:18 - 00000223 _____ C:\Users\Dolge\Desktop\Neues Textdokument.txt
2015-06-02 21:41 - 2014-01-08 01:54 - 00005736 _____ C:\Users\Dolge\Desktop\GO2 Aufträge.txt
2015-05-29 00:33 - 2012-11-07 19:02 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-19 17:32 - 2013-08-04 13:14 - 00000000 ____D C:\Windows\system32\MRT
2015-05-19 17:32 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-19 17:24 - 2012-11-09 13:09 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-19 17:12 - 2012-11-09 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-19 17:06 - 2014-08-22 15:45 - 00000000 ____D C:\Users\Dolge\AppData\Local\Adobe
2015-05-19 17:03 - 2015-02-06 17:22 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-17 22:31 - 2012-11-07 20:21 - 00000000 ____D C:\Users\Dolge\AppData\Roaming\vlc
2015-05-16 14:28 - 2012-11-05 17:01 - 00061128 _____ C:\Users\Dolge\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-16 02:26 - 2013-09-24 16:23 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 02:26 - 2013-09-24 16:23 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 23:23 - 2013-05-12 22:34 - 00000000 ____D C:\Users\Dolge\AppData\Local\Stardock
2015-05-15 23:20 - 2012-11-09 14:17 - 00000000 ____D C:\Users\Dolge\Documents\My Games
2015-05-15 19:43 - 2013-12-17 04:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-15 19:43 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

==================== Files in the root of some directories =======

2012-11-07 20:40 - 2014-03-16 22:35 - 0007600 _____ () C:\Users\Dolge\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-05 21:25

==================== End of log ============================

 

Themen zu Win 7: istartsurf eingefangen/updates gehen nirgends mehr
akamai, antivirus, bluestacks, bonjour, desktop, downloader, firefox, flash player, google, homepage, iexplore.exe, installation, internet explorer, mozilla, problem, programm, realtek, registry, safer networking, scan, security, server, software, super, svchost.exe, system, updates, windows


« Zufälliger PC-Neustart + Zufälliger Bluescreen (2 versch. Probleme) | Trojaner "c:\windows\system32\svchost.exe "Avast - Infektion geblockt" »


Ähnliche Themen: Win 7: istartsurf eingefangen/updates gehen nirgends mehr


  1. OurSurfing.com Istartsurf und andere Infektionen eingefangen
    Plagegeister aller Art und deren Bekämpfung - 05.05.2015 (35)
  2. Webseiten werden umgeleitet - iStartSurf und mehr
    Log-Analyse und Auswertung - 07.04.2015 (20)
  3. iStartSurf / Goobzo eingefangen...
    Log-Analyse und Auswertung - 02.10.2014 (27)
  4. iStartSurf.com (iStartSurf) entfernen
    Anleitungen, FAQs & Links - 23.07.2014 (2)
  5. Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)
    Log-Analyse und Auswertung - 31.03.2014 (15)
  6. Updates gehen nicht mehr
    Alles rund um Windows - 16.12.2013 (14)
  7. Programme gehen nicht mehr, kein Antivirenprogramm mehr
    Log-Analyse und Auswertung - 26.10.2012 (11)
  8. Hab ich mir was eingefangen? rechner lahmt seiten gehen auf otl log anbei
    Plagegeister aller Art und deren Bekämpfung - 23.07.2012 (4)
  9. Firefox 4: kann nirgends mehr einloggen und erhalte ständig Meldung 302
    Plagegeister aller Art und deren Bekämpfung - 15.04.2011 (5)
  10. Updates funktionieren nicht mehr. hab ich mir was eingefangen?
    Log-Analyse und Auswertung - 28.05.2010 (6)
  11. usb ports gehen nicht mehr
    Log-Analyse und Auswertung - 11.01.2010 (2)
  12. Updates gehen nicht mehr, Hijackthis, Spybot etc gehen nicht
    Log-Analyse und Auswertung - 16.09.2009 (16)
  13. Avira updates gehen nicht mehr
    Antiviren-, Firewall- und andere Schutzprogramme - 11.08.2009 (7)
  14. Automatische Updates bei Win XP gehen net
    Log-Analyse und Auswertung - 26.01.2009 (9)
  15. .exe und .com gehen nicht mehr - Virus ?
    Plagegeister aller Art und deren Bekämpfung - 19.11.2008 (5)
  16. .exe dateien gehen nich mehr
    Plagegeister aller Art und deren Bekämpfung - 28.03.2006 (4)
  17. Spybot 1.4 - Updates gehen nicht
    Antiviren-, Firewall- und andere Schutzprogramme - 17.12.2005 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Win 7: istartsurf eingefangen/updates gehen nirgends mehr - Moinsen. ich hab mir dieses lästige Programm istatsurf irgendwie eingefangen. mitsamt ner ganzen anhängerschaft adwares etc. die sind aber schon entfernt, nur das istartsurf selber habe ich noch nich gefunden - Win 7: istartsurf eingefangen/updates gehen nirgends mehr...
Archiv
Du betrachtest: Win 7: istartsurf eingefangen/updates gehen nirgends mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131