Log analysis and evaluation: Windows 7 - 64bit: PC very slow, suspected malware, Toshiba Service Station problem

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.06.2015, 17:52 | #16 |
Windows 7 - 64bit: PC very slow, suspected malware, Toshiba Service Station problem

Fixlog

Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015 Ran by Suffian at 2015-06-27 18:17:53 Run:1 Running from C:\Users\Suffian\Desktop\PC Problem Loaded Profiles: Suffian (Available Profiles: Suffian) Boot Mode: Normal ============================================== fixlist content: ***************** C:\AdwCleaner\Quarantine\C\Users\Suffian\AppData\Local\AnyProtectScannerSetup.exe.vir C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir C:\Qoobox\Quarantine\C\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll.vir C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8W1DGGFQ\rcpsetup_17970[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPNCMR09\BlockAndSurf_2222-5510[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPNCMR09\sp-standalone-setup[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPNCMR09\WIE_2.18.1.12[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXULO4E3\policyname[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYOAFIGG\Cloud_Backup_Setup[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYOAFIGG\speedupmypc[1].exe C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYOAFIGG\Stub[1].exe F:\DCIM.exe F:\4jazzmin.exe F:\EOSMISC.exe F:\Workshop Vhs.exe F:\video2day.exe F:\rockdaJam Musik 2013.exe F:\HipHooray Battle 2012.exe F:\Mahnungen.exe F:\100CANON.exe F:\Willkommen.exe F:\Styles and Elements.exe F:\Vereinbarungen_Verträge.exe F:\FotosVideos von Franzi.exe F:\Rock Da Jam Senior Show+Fotos.exe 
F:\Weihnachtsfeier 2012.exe F:\show xmas 2012.exe F:\Ironman 2012.exe F:\Weihnachtsfeiervideos 2012.exe F:\schneide videos.exe F:\afropopmusic.exe F:\Dancehall Musik.exe F:\Fahrtenbuch 2011.exe F:\Rock da Jam Senior.exe F:\Weihnachten '12.exe F:\Iron Man '13.exe F:\MUF '12.exe F:\Rock da jam '12.exe F:\ROCK DA JAM VIDEOS FOTOS.exe F:\audi A3 4my babies love u 2 4ever.exe F:\Chill and Grill '13.exe F:\MUF '13.exe F:\Ciara 1 2 Step Videos.exe F:\Videodreh Kids 2013.exe F:\Welcome Partyshows.exe F:\Dienstfahrten 2012.exe F:\Jonathan Capoeira.exe F:\aaaausdruck.exe F:\Klassik_Musik.exe F:\281014_Music.exe F:\Series.exe F:\Pagemaker.exe F:\Anu_s_wedding.exe F:\Musik.exe F:\mixHiphop rnb.exe F:\oldschoolmix.exe F:\bboy.exe F:\Africa music.exe F:\2006 B&Stylez Grill.exe F:\Uni.exe F:\2006 Geb Papa.exe F:\2006 Geb Suf+Jas.exe F:\2006 Posen Dul+Suf.exe F:\2006 WM.exe F:\2007 Geb Jas+Suf.exe F:\2007 Jas+Suf Sommer.exe F:\2007 Xmas.exe F:\2008 Calpe.exe F:\2009 Entstehung Dance Studio.exe F:\2009 Ibiza.exe F:\2009 Indrani.exe F:\2009 Geb Suffi Jasmin.exe F:\2009 Rock da Jam.exe F:\2009 Xmas.exe F:\2010 England.exe F:\2010 Hamburg.exe F:\Kerala Pics.exe F:\Noah.exe F:\Papas 50ster.exe F:\Urlaub+Reisen.exe F:\neuer Musikordner.exe F:\me and you.exe F:\Amy Winehouse.exe F:\Onkel.exe F:\claudia & Lutz.exe F:\MUF2014.exe F:\lockingbattle.exe F:\2012[2009]DvDrip[Eng]-FXG.exe F:\Freiestraining.exe F:\bboy1.exe F:\Poppin music.exe F:\Funkmusic.exe F:\hiphop1.exe F:\modern jazz.exe F:\latinmusica.exe F:\Bilder Streetdance Battle 2011.exe F:\Videos B&S.exe F:\DivX.exe F:\HIP HOP HOORAY 2013.exe F:\New folder.exe F:\Hesentag -Auftrittsmusik.exe F:\Sony_VideoCam Restore Juni2011.exe F:\Warmup.exe F:\Hip Hop Battle.exe F:\bboy battle Ko runden2011.exe F:\Bilder Rock da Jam2011.exe F:\Bilder Kids Battle - 2011-06-26.exe F:\Interkult2011.exe F:\Workshop Hiphop Kidz April.exe F:\Fotos Ostend.exe F:\ZUMBA.exe F:\Neuer Ordner.exe F:\Pagemaker\PAGEMAKER\_ISDEL.EXE 
F:\Pagemaker\PAGEMAKER\SETUP.EXE F:\$RECYCLE.BIN\$RI6GPQW.exe F:\$RECYCLE.BIN\$RKQZQNQ.exe F:\$RECYCLE.BIN\$R71ZIAU.exe F:\$RECYCLE.BIN\$R38D538.exe F:\DivX\DivX Converter\DivX Converter.exe F:\DivX\DivX Player\DivX Player.exe F:\DivX\DivX Updater\DivXVersionChecker.exe F:\Brothers&Stylez alte sachen\avm_fritz!wlan_usb_stick_build_080905.exe Removeproxy: Emptytemp: ***************** C:\AdwCleaner\Quarantine\C\Users\Suffian\AppData\Local\AnyProtectScannerSetup.exe.vir => moved successfully. C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir => moved successfully. C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir => moved successfully. C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir => moved successfully. C:\Qoobox\Quarantine\C\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll.vir => moved successfully. C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8W1DGGFQ\rcpsetup_17970[1].exe => moved successfully. C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPNCMR09\BlockAndSurf_2222-5510[1].exe => moved successfully. "C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPNCMR09\sp-standalone-setup[1].exe" => File/Folder not found. C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPNCMR09\WIE_2.18.1.12[1].exe => moved successfully. C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXULO4E3\policyname[1].exe => moved successfully. C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYOAFIGG\Cloud_Backup_Setup[1].exe => moved successfully. C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYOAFIGG\speedupmypc[1].exe => moved successfully. 
C:\Users\Suffian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYOAFIGG\Stub[1].exe => moved successfully. "F:\DCIM.exe" => File/Folder not found. "F:\4jazzmin.exe" => File/Folder not found. "F:\EOSMISC.exe" => File/Folder not found. "F:\Workshop Vhs.exe" => File/Folder not found. "F:\video2day.exe" => File/Folder not found. "F:\rockdaJam Musik 2013.exe" => File/Folder not found. "F:\HipHooray Battle 2012.exe" => File/Folder not found. "F:\Mahnungen.exe" => File/Folder not found. "F:\100CANON.exe" => File/Folder not found. "F:\Willkommen.exe" => File/Folder not found. "F:\Styles and Elements.exe" => File/Folder not found. "F:\Vereinbarungen_Verträge.exe" => File/Folder not found. "F:\FotosVideos von Franzi.exe" => File/Folder not found. "F:\Rock Da Jam Senior Show+Fotos.exe" => File/Folder not found. "F:\Weihnachtsfeier 2012.exe" => File/Folder not found. "F:\show xmas 2012.exe" => File/Folder not found. "F:\Ironman 2012.exe" => File/Folder not found. "F:\Weihnachtsfeiervideos 2012.exe" => File/Folder not found. "F:\schneide videos.exe" => File/Folder not found. "F:\afropopmusic.exe" => File/Folder not found. "F:\Dancehall Musik.exe" => File/Folder not found. "F:\Fahrtenbuch 2011.exe" => File/Folder not found. "F:\Rock da Jam Senior.exe" => File/Folder not found. "F:\Weihnachten '12.exe" => File/Folder not found. "F:\Iron Man '13.exe" => File/Folder not found. "F:\MUF '12.exe" => File/Folder not found. "F:\Rock da jam '12.exe" => File/Folder not found. "F:\ROCK DA JAM VIDEOS FOTOS.exe" => File/Folder not found. "F:\audi A3 4my babies love u 2 4ever.exe" => File/Folder not found. "F:\Chill and Grill '13.exe" => File/Folder not found. "F:\MUF '13.exe" => File/Folder not found. "F:\Ciara 1 2 Step Videos.exe" => File/Folder not found. "F:\Videodreh Kids 2013.exe" => File/Folder not found. "F:\Welcome Partyshows.exe" => File/Folder not found. "F:\Dienstfahrten 2012.exe" => File/Folder not found. "F:\Jonathan Capoeira.exe" => File/Folder not found. 
"F:\aaaausdruck.exe" => File/Folder not found. "F:\Klassik_Musik.exe" => File/Folder not found. "F:\281014_Music.exe" => File/Folder not found. "F:\Series.exe" => File/Folder not found. "F:\Pagemaker.exe" => File/Folder not found. "F:\Anu_s_wedding.exe" => File/Folder not found. "F:\Musik.exe" => File/Folder not found. "F:\mixHiphop rnb.exe" => File/Folder not found. "F:\oldschoolmix.exe" => File/Folder not found. "F:\bboy.exe" => File/Folder not found. "F:\Africa music.exe" => File/Folder not found. "F:\2006 B&Stylez Grill.exe" => File/Folder not found. "F:\Uni.exe" => File/Folder not found. "F:\2006 Geb Papa.exe" => File/Folder not found. "F:\2006 Geb Suf+Jas.exe" => File/Folder not found. "F:\2006 Posen Dul+Suf.exe" => File/Folder not found. "F:\2006 WM.exe" => File/Folder not found. "F:\2007 Geb Jas+Suf.exe" => File/Folder not found. "F:\2007 Jas+Suf Sommer.exe" => File/Folder not found. "F:\2007 Xmas.exe" => File/Folder not found. "F:\2008 Calpe.exe" => File/Folder not found. "F:\2009 Entstehung Dance Studio.exe" => File/Folder not found. "F:\2009 Ibiza.exe" => File/Folder not found. "F:\2009 Indrani.exe" => File/Folder not found. "F:\2009 Geb Suffi Jasmin.exe" => File/Folder not found. "F:\2009 Rock da Jam.exe" => File/Folder not found. "F:\2009 Xmas.exe" => File/Folder not found. "F:\2010 England.exe" => File/Folder not found. "F:\2010 Hamburg.exe" => File/Folder not found. "F:\Kerala Pics.exe" => File/Folder not found. "F:\Noah.exe" => File/Folder not found. "F:\Papas 50ster.exe" => File/Folder not found. "F:\Urlaub+Reisen.exe" => File/Folder not found. "F:\neuer Musikordner.exe" => File/Folder not found. "F:\me and you.exe" => File/Folder not found. "F:\Amy Winehouse.exe" => File/Folder not found. "F:\Onkel.exe" => File/Folder not found. "F:\claudia & Lutz.exe" => File/Folder not found. "F:\MUF2014.exe" => File/Folder not found. "F:\lockingbattle.exe" => File/Folder not found. "F:\2012[2009]DvDrip[Eng]-FXG.exe" => File/Folder not found. 
"F:\Freiestraining.exe" => File/Folder not found. "F:\bboy1.exe" => File/Folder not found. "F:\Poppin music.exe" => File/Folder not found. "F:\Funkmusic.exe" => File/Folder not found. "F:\hiphop1.exe" => File/Folder not found. "F:\modern jazz.exe" => File/Folder not found. "F:\latinmusica.exe" => File/Folder not found. "F:\Bilder Streetdance Battle 2011.exe" => File/Folder not found. "F:\Videos B&S.exe" => File/Folder not found. "F:\DivX.exe" => File/Folder not found. "F:\HIP HOP HOORAY 2013.exe" => File/Folder not found. "F:\New folder.exe" => File/Folder not found. "F:\Hesentag -Auftrittsmusik.exe" => File/Folder not found. "F:\Sony_VideoCam Restore Juni2011.exe" => File/Folder not found. "F:\Warmup.exe" => File/Folder not found. "F:\Hip Hop Battle.exe" => File/Folder not found. "F:\bboy battle Ko runden2011.exe" => File/Folder not found. "F:\Bilder Rock da Jam2011.exe" => File/Folder not found. "F:\Bilder Kids Battle - 2011-06-26.exe" => File/Folder not found. "F:\Interkult2011.exe" => File/Folder not found. "F:\Workshop Hiphop Kidz April.exe" => File/Folder not found. "F:\Fotos Ostend.exe" => File/Folder not found. "F:\ZUMBA.exe" => File/Folder not found. "F:\Neuer Ordner.exe" => File/Folder not found. "F:\Pagemaker\PAGEMAKER\_ISDEL.EXE" => File/Folder not found. "F:\Pagemaker\PAGEMAKER\SETUP.EXE" => File/Folder not found. "F:\$RECYCLE.BIN\$RI6GPQW.exe" => File/Folder not found. "F:\$RECYCLE.BIN\$RKQZQNQ.exe" => File/Folder not found. "F:\$RECYCLE.BIN\$R71ZIAU.exe" => File/Folder not found. "F:\$RECYCLE.BIN\$R38D538.exe" => File/Folder not found. "F:\DivX\DivX Converter\DivX Converter.exe" => File/Folder not found. "F:\DivX\DivX Player\DivX Player.exe" => File/Folder not found. "F:\DivX\DivX Updater\DivXVersionChecker.exe" => File/Folder not found. "F:\Brothers&Stylez alte sachen\avm_fritz!wlan_usb_stick_build_080905.exe" => File/Folder not found. 
========= RemoveProxy: ========= "HKU\S-1-5-21-454062802-4211535203-1480594490-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-454062802-4211535203-1480594490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-454062802-4211535203-1480594490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= EmptyTemp: => 510.1 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 18:19:08 ==== Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015 Ran by Suffian (administrator) on SUFFIAN-TOSH on 27-06-2015 18:50:19 Running from C:\Users\Suffian\Desktop\PC Problem Loaded Profiles: Suffian (Available Profiles: Suffian) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Dropbox, Inc.) 
C:\Users\Suffian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation) HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-30] (Toshiba Europe GmbH) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2967352 2012-11-06] (Synaptics Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG) HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 
2010-03-04] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-12-04] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-454062802-4211535203-1480594490-1001\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-21-454062802-4211535203-1480594490-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-23] (Google Inc.) HKU\S-1-5-21-454062802-4211535203-1480594490-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-454062802-4211535203-1480594490-1001\...\Run: [Dropbox Update] => C:\Users\Suffian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.) 
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-05-30] ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-30] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-30] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Suffian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-02] ShortcutTarget: Dropbox.lnk -> C:\Users\Suffian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-12-04] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Suffian\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-454062802-4211535203-1480594490-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-454062802-4211535203-1480594490-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKU\S-1-5-21-454062802-4211535203-1480594490-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1 SearchScopes: HKLM -> {A311D5B2-E19C-42D8-9AEE-22F8F27397B7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-454062802-4211535203-1480594490-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: 
HKU\S-1-5-21-454062802-4211535203-1480594490-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-04] (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-06-15] (Google Inc.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-04] (AVAST Software) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-06-15] (Google Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-06-15] (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-06-15] (Google Inc.) Toolbar: HKU\S-1-5-21-454062802-4211535203-1480594490-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-06-15] (Google Inc.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Suffian\AppData\Roaming\Mozilla\Firefox\Profiles\4ipxp9ve.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Suffian\AppData\Roaming\Mozilla\Firefox\Profiles\4ipxp9ve.default\searchplugins\google-avast.xml [2015-03-01]
FF Extension: Avira Browser Safety - C:\Users\Suffian\AppData\Roaming\Mozilla\Firefox\Profiles\4ipxp9ve.default\Extensions\abs@avira.com [2014-11-20]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Suffian\AppData\Roaming\Mozilla\Firefox\Profiles\4ipxp9ve.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-06-03]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-04]
FF HKU\S-1-5-21-454062802-4211535203-1480594490-1001\...\Firefox\Extensions: [{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}] - C:\Program Files (x86)\LyriXeeker\130.xpi
FF HKU\S-1-5-21-454062802-4211535203-1480594490-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-06]

Chrome:
=======
CHR Profile: C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-27]
CHR Extension: (Google Docs) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-27]
CHR Extension: (Google Drive) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-27]
CHR Extension: (YouTube) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-27]
CHR Extension: (Google Search) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-27]
CHR Extension: (Google Sheets) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-27]
CHR Extension: (Avast Online Security) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-27]
CHR Extension: (Google Wallet) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-27]
CHR Extension: (Gmail) - C:\Users\Suffian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-27]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-04] (AVAST Software)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-04] ()
S3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [158976 2010-02-27] (Intel Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-06-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-27 18:40 - 2015-06-27 18:40 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-27 18:40 - 2015-06-27 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-27 18:38 - 2015-06-27 18:39 - 00931408 _____ (Google Inc.) C:\Users\Suffian\Desktop\ChromeSetup.exe
2015-06-27 18:30 - 2015-06-27 18:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Suffian\Desktop\revosetup95.exe
2015-06-23 13:38 - 2015-06-27 18:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-23 13:38 - 2015-06-23 18:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-23 13:35 - 2015-06-23 13:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-23 13:34 - 2015-06-23 13:36 - 00000000 ____D C:\ProgramData\Oracle
2015-06-23 13:34 - 2015-06-23 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-16 17:07 - 2015-06-16 17:07 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-16 17:05 - 2015-06-16 10:16 - 02870984 _____ (ESET) C:\Users\Suffian\Desktop\esetsmartinstaller_deu.exe
2015-06-16 17:05 - 2015-06-16 10:14 - 00852639 _____ C:\Users\Suffian\Desktop\SecurityCheck.exe
2015-06-16 14:51 - 2015-06-16 14:51 - 00000000 ____D C:\Users\Suffian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-16 14:50 - 2015-06-27 16:55 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-454062802-4211535203-1480594490-1001UA.job
2015-06-16 14:50 - 2015-06-27 14:55 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-454062802-4211535203-1480594490-1001Core.job
2015-06-16 14:50 - 2015-06-16 14:50 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-454062802-4211535203-1480594490-1001UA
2015-06-16 14:50 - 2015-06-16 14:50 - 00003810 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-454062802-4211535203-1480594490-1001Core
2015-06-16 14:50 - 2015-06-16 14:50 - 00000000 ____D C:\Users\Suffian\AppData\Local\Dropbox
2015-06-16 14:50 - 2015-06-16 14:50 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-15 17:58 - 2015-06-15 17:58 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SUFFIAN-TOSH-Windows-7-Home-Premium-(64-bit).dat
2015-06-15 17:58 - 2015-06-15 17:58 - 00000000 ____D C:\RegBackup
2015-06-15 17:30 - 2015-06-15 17:53 - 00000000 ____D C:\AdwCleaner
2015-06-15 15:51 - 2015-06-27 18:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-15 15:51 - 2015-06-27 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-06-15 15:51 - 2015-06-27 18:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-06-15 15:51 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-15 15:51 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-15 15:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-15 15:51 - 2015-06-15 15:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-15 06:37 - 2015-06-15 06:47 - 271063435 ____R C:\Users\Suffian\Desktop\Brothers & Stylez.mov
2015-06-15 06:27 - 2015-06-15 06:35 - 167648103 ____R C:\Users\Suffian\Desktop\Brothers & Stylez_Interviews.mov
2015-06-12 17:17 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-12 17:17 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-12 17:17 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-12 17:17 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-12 17:17 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-12 17:17 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-12 17:17 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-12 17:17 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-12 17:17 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-12 17:17 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-12 17:17 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-12 17:17 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-12 17:17 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-12 17:17 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-12 17:17 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-12 17:17 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-12 17:17 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-12 17:17 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-12 17:17 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-12 17:17 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-12 17:17 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-12 17:17 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-12 17:17 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-12 17:17 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-12 17:17 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 17:17 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-12 17:16 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-12 17:16 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-12 17:16 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-12 17:16 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-12 17:16 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-12 17:16 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-12 17:16 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 17:16 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-12 17:15 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-12 17:15 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-12 17:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-12 17:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-12 17:15 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-12 17:15 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-12 17:15 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-12 17:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-12 17:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-12 17:15 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-12 17:14 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-12 17:14 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-12 17:14 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-12 17:14 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-12 17:14 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-12 17:14 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-12 17:14 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-12 17:14 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-12 17:14 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-12 17:14 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-12 17:14 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-12 17:14 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-12 17:14 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-12 17:14 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-12 17:14 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-12 17:14 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-12 17:14 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-12 17:14 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-12 17:14 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-12 17:14 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-12 17:14 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-12 17:14 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-12 17:14 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-12 17:14 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-12 17:14 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-12 17:14 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-12 17:14 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-12 17:14 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-12 17:14 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-12 17:14 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-12 17:14 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-12 17:14 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-12 17:14 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-12 17:14 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-12 17:14 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-12 17:14 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-12 17:14 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-12 17:14 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-12 17:14 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-12 17:14 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-12 17:14 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-12 17:14 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-12 17:14 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-12 17:14 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-12 17:14 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-12 17:14 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-12 17:14 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-12 17:14 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-12 17:14 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-12 17:14 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-12 17:14 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-12 17:14 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-12 17:14 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-12 17:14 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-12 17:14 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-12 17:14 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-12 17:14 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-12 17:14 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-12 17:14 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-12 17:14 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 20:15 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 15:53 - 2015-06-11 15:53 - 00035503 _____ C:\ComboFix.txt
2015-06-11 15:38 - 2015-06-11 15:53 - 00000000 ____D C:\Qoobox
2015-06-11 15:38 - 2015-06-11 15:52 - 00000000 ____D C:\Windows\erdnt
2015-06-11 15:38 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-11 15:38 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-11 15:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-11 15:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-11 15:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-11 15:38 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-11 15:38 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-11 15:38 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-11 15:01 - 2015-06-27 18:30 - 00001271 _____ C:\Users\Suffian\Desktop\Revo Uninstaller.lnk 2015-06-11 15:01 - 2015-06-11 15:01 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-06-10 16:25 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 16:24 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 16:24 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 16:24 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 16:24 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 16:24 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 16:24 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 16:24 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 15:04 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-09 14:33 - 2015-06-27 18:50 - 00000000 ____D C:\FRST 2015-06-09 14:24 - 2015-06-27 18:19 - 00000000 ____D C:\Users\Suffian\Desktop\PC Problem 2015-06-09 14:24 - 2015-06-09 14:24 - 00000000 _____ C:\Users\Suffian\defogger_reenable 2015-06-03 17:03 - 2015-06-23 13:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-02 07:07 - 2015-06-02 07:13 - 00000000 ____D C:\Users\Suffian\Desktop\Crew Pics 2015-05-31 15:07 - 2015-05-31 15:10 - 00000000 ____D C:\Users\Suffian\Desktop\Kids Bergen Enkheim ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-27 18:42 - 2012-10-05 22:47 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-27 18:41 - 2012-10-05 22:47 - 00000000 ____D C:\Users\Suffian\AppData\Local\Google 2015-06-27 18:40 - 2012-10-05 22:47 - 00000000 ____D C:\Program Files (x86)\Google 2015-06-27 18:30 - 2009-07-14 06:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-27 18:30 - 2009-07-14 06:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-27 18:23 - 2013-08-02 11:06 - 00000000 ___RD C:\Users\Suffian\Dropbox 2015-06-27 18:23 - 2013-08-02 10:59 - 00000000 ____D C:\Users\Suffian\AppData\Roaming\Dropbox 2015-06-27 18:21 - 2013-10-10 12:08 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec5a0aeaa77bc.job 2015-06-27 18:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-27 18:20 - 2011-07-18 19:46 - 01898834 _____ C:\Windows\WindowsUpdate.log 2015-06-27 18:20 - 2009-07-14 06:51 - 00181182 _____ C:\Windows\setupact.log 2015-06-27 12:23 - 2010-11-21 08:50 - 00700134 _____ C:\Windows\system32\perfh007.dat 2015-06-27 12:23 - 2010-11-21 08:50 - 00149984 _____ C:\Windows\system32\perfc007.dat 2015-06-27 12:23 - 2009-07-14 07:13 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-26 20:40 - 2014-12-04 17:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-06-26 16:48 - 2013-08-15 15:56 - 00000000 ____D C:\Users\Suffian\Desktop\Freestyle Beats 2015-06-23 18:53 - 2013-08-27 18:42 - 00000000 ____D C:\Users\Suffian\Desktop\Bodylanguage 2015-06-23 18:36 - 2012-05-31 17:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-23 18:36 - 2011-11-17 14:48 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-23 13:39 - 2014-11-30 23:49 - 00000000 __SHD C:\Users\Suffian\AppData\Local\EmieBrowserModeList 2015-06-23 13:39 - 2014-04-25 10:20 - 00000000 __SHD C:\Users\Suffian\AppData\Local\EmieUserList 2015-06-23 13:39 - 2014-04-25 10:20 - 00000000 __SHD C:\Users\Suffian\AppData\Local\EmieSiteList 2015-06-23 13:39 - 2012-03-10 20:42 - 00000000 ____D C:\Users\Suffian\AppData\Local\Adobe 2015-06-23 13:36 - 2011-05-30 10:12 - 00000000 ____D C:\Program Files (x86)\Java 2015-06-23 13:08 - 2013-03-29 08:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-06-20 12:32 - 2013-08-15 16:11 - 00000000 ____D C:\Users\Suffian\Desktop\Breakdance 2015-06-19 17:53 - 2015-04-26 00:11 - 00000000 ____D C:\Users\Suffian\Desktop\Bday Workshop Linda 2015-06-19 16:42 - 2014-05-10 20:17 - 00000000 ____D C:\Users\Suffian\Desktop\Musik für MUF 2014 2015-06-18 18:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-06-15 17:54 - 2010-11-21 05:47 - 00687222 _____ C:\Windows\PFRO.log 2015-06-15 17:53 - 2011-09-08 10:48 - 00001006 _____ C:\Users\Suffian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-15 17:53 - 2011-09-08 10:40 - 00000000 ____D C:\Users\Suffian 2015-06-15 17:37 - 2013-12-04 16:51 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec5a0aeaa77bc 2015-06-15 17:37 - 2012-10-05 22:47 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-06-14 00:27 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 
2015-06-13 12:08 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-13 12:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-12 16:52 - 2009-07-14 06:45 - 00396928 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-11 15:53 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-06-11 15:50 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-06-11 12:42 - 2015-04-16 20:50 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-11 12:42 - 2014-05-07 16:11 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-10 19:50 - 2013-08-15 14:50 - 00000000 ____D C:\Windows\system32\MRT 2015-06-10 19:49 - 2012-03-10 21:15 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-09 14:21 - 2014-04-30 15:26 - 00000000 ____D C:\Users\Suffian\Desktop\RdJKids 2015-06-08 12:03 - 2014-08-08 10:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-02 07:15 - 2013-11-14 17:17 - 00000000 ____D C:\Users\Suffian\Desktop\Lg 2015-05-31 15:08 - 2014-12-10 17:51 - 00000000 ____D C:\Users\Suffian\Desktop\xmas show 2014 noch bearbeiten 2015-05-31 14:08 - 2015-04-28 19:04 - 00154002 _____ C:\Users\Suffian\Desktop\Freestyle Kids 2014 Welcome Party.MMM ==================== Files in the root of some directories ======= 2013-12-19 13:50 - 2014-10-21 19:50 - 0000201 _____ () C:\Users\Suffian\AppData\Roaming\WB.CFG 2013-10-09 19:22 - 2013-10-09 19:22 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-03-10 21:50 - 2012-03-10 21:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some files in TEMP: ==================== C:\Users\Suffian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphaf_fi.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-24 20:05 ==================== End of log ============================ |
27.06.2015, 18:21 | #17 |
| Hi Schrauber, thanks for your support up to this point. After the restart, the attached messages are currently displayed. I can't make much of them; do you have a tip? Would the Toshiba Service Station perhaps need to be reinstalled here?! Thanks in advance + best regards, Carlos |
27.06.2015, 18:29 | #18 |
| ...furthermore, numerous files of mine were moved to quarantine by Avast. Is it possible to rescue apparently infected files? If so, how? Some of them are files that I still need...
__________________ Thanks + best regards, Carlos |
28.06.2015, 12:18 | #19 |
/// the machine /// TB instructor | Open Avast; there should be an option there to release the files from quarantine. Does the Toshiba message also appear after another reboot?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donate. Guides and help. Trojaner-Board Facebook page. No help via PM! |
30.06.2015, 14:02 | #20 |
| Hello Schrauber, the Toshiba message comes back at every restart. Regarding the files to be restored: I tried to restore one folder. After the restore I wanted to open this folder, but then a virus message appeared. (see screenshot) PS: all files in quarantine were files from my external hard drive. Best regards, Carlos |
01.07.2015, 05:52 | #21 |
/// the machine /// TB instructor | Does the message appear when you have already released the folder from quarantine, or only afterwards? I don't know that message at all. Reinstall Toshiba Service Station. |