Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
verschiedene prozesse .exe *32

verschiedene prozesse .exe *32


Log-Analyse und Auswertung: verschiedene prozesse .exe *32

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 2 1 2
Alt 11.07.2013, 23:14   #16
xXBUDDAHXx
 
verschiedene prozesse .exe *32 - Standard

verschiedene prozesse .exe *32


ok sorry ..ich hab vergessen neu zu starten und hab mit hitman gescant

Code:
ATTFilter
HitmanPro 3.7.6.201
www.hitmanpro.com

   Computer name . . . . : SAMSUNG-PC
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : samsung-PC\Toni
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-07-11 23:30:00
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 20s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 16

   Objects scanned . . . : 1.509.438
   Files scanned . . . . : 23.311
   Remnants scanned  . . : 387.527 files / 1.098.600 keys

Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-1656143743-13120863-1912775482-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-1656143743-13120863-1912775482-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
dann hab ich neu gestartet und nochmal gescannt dann ist der laptop abgestürzt bzw blauer hintergrund a problem has been detected oder so

Alt 11.07.2013, 23:19   #17
markusg
/// Malware-holic
 
verschiedene prozesse .exe *32 - Standard

verschiedene prozesse .exe *32


hmm, starte mal neu, und schau ob du die Hitmanpro funde löschen kannst.
poste dann ein neues otl log.
__________________

__________________
Alt 12.07.2013, 19:36   #18
xXBUDDAHXx
 
verschiedene prozesse .exe *32 - Standard

verschiedene prozesse .exe *32


hab sie gelöschtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.07.2013 20:26:19 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Toni\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 68,44% Memory free
7,83 Gb Paging File | 6,01 Gb Available in Paging File | 76,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 177,00 Gb Total Space | 56,14 Gb Free Space | 31,72% Space Free | Partition Type: NTFS
Drive D: | 265,39 Gb Total Space | 9,78 Gb Free Space | 3,68% Space Free | Partition Type: NTFS
Drive F: | 27,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: SAMSUNG-PC | User Name: Toni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.19 20:51:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Desktop\OTL.exe
PRC - [2013.03.25 16:56:31 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
PRC - [2013.03.25 16:56:29 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\T-Mobile Internet Manager.exe
PRC - [2012.02.16 15:08:06 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012.01.17 07:01:10 | 002,810,448 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
PRC - [2011.09.28 00:23:10 | 005,458,312 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
PRC - [2011.09.06 09:36:42 | 002,275,408 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2011.09.06 09:35:54 | 001,087,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2011.08.19 05:36:46 | 000,784,976 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
PRC - [2011.07.30 00:47:22 | 003,395,664 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
PRC - [2011.06.24 10:52:30 | 004,403,280 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011.06.05 01:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.05.05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.04.12 22:53:28 | 003,951,616 | ---- | M] () -- C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
PRC - [2011.04.12 22:53:28 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe
PRC - [2009.06.23 17:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Toni\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.03.25 16:56:29 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\T-Mobile Internet Manager.exe
MOD - [2012.01.16 09:50:06 | 000,755,280 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll
MOD - [2011.04.12 22:53:28 | 003,951,616 | ---- | M] () -- C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
MOD - [2011.04.12 22:53:28 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe
MOD - [2011.04.12 22:53:28 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\WinSplit Revolution\WinSplitHook32.dll
MOD - [2011.04.12 22:53:28 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\WinSplit Revolution\WinSplitLib.dll
MOD - [2011.02.16 17:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
MOD - [2010.05.07 16:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009.07.14 19:20:30 | 000,860,160 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\NDISAPI.dll
MOD - [2009.05.31 18:06:16 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DeviceMgrUIPlugin.dll
MOD - [2009.05.31 16:07:52 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\SMSPlugin.dll
MOD - [2009.05.31 15:57:08 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\NetInfoPlugin.dll
MOD - [2009.05.20 12:41:28 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\SpeedManagerPlugin.dll
MOD - [2009.04.21 18:12:50 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DialUpPlugin.dll
MOD - [2009.04.21 18:11:50 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\ConfigFilePlugin.dll
MOD - [2009.04.21 18:11:28 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DeviceMgrPlugin.dll
MOD - [2009.03.10 21:08:16 | 000,155,648 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DetectDev.dll
MOD - [2009.03.10 21:08:16 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\XCodec.dll
MOD - [2009.03.10 21:08:16 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DeviceOperate.dll
MOD - [2009.03.10 21:08:14 | 000,561,152 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\atcomm.dll
MOD - [2009.01.09 12:31:54 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\LocaleMgrPlugin.dll
MOD - [2009.01.09 12:30:38 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\NotifyServicePlugin.dll
MOD - [2008.11.08 11:52:10 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\FileManager.dll
MOD - [2008.11.08 11:52:08 | 000,014,848 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\isaputrace.dll
MOD - [2006.08.12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.05.27 11:37:59 | 001,646,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013.02.26 17:50:29 | 000,068,856 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV - [2013.06.26 19:46:38 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.12 22:12:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.29 12:46:20 | 004,233,088 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2013.02.26 17:22:43 | 000,069,392 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2012.06.25 18:45:56 | 000,095,184 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Programme\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV - [2011.06.05 01:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.05.05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.03.28 14:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.22 11:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.05.28 12:12:19 | 000,382,536 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013.04.17 14:59:58 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013.04.17 14:59:56 | 000,718,840 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2012.11.12 18:11:19 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2012.11.02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012.10.04 14:30:19 | 000,147,232 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2012.04.17 14:34:26 | 000,076,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.16 15:08:26 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.12.12 12:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.12.01 15:51:00 | 011,417,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.07.30 00:47:20 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2011.06.05 01:22:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.04.22 12:17:04 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.11 12:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv)
DRV:64bit: - [2011.03.24 23:14:12 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.16 12:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.12.13 12:28:20 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013.02.22 19:46:52 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2011.11.14 20:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{7F8FBB22-875E-4267-AAAC-7CD3B6CD9493}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=082C3D5C-33A0-4294-A99B-1B2A7C662278&apn_sauid=8606C267-44C5-4AF5-9504-5A186E6EED48
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.06.19 13:15:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.07 13:53:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.06.19 13:15:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.07 13:53:33 | 000,000,000 | ---D | M]
 
[2013.03.25 17:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\mozilla\Extensions
[2013.07.06 16:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\mozilla\Firefox\Profiles\6uy3eegp.default\extensions
[2013.06.14 08:33:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Toni\AppData\Roaming\mozilla\Firefox\Profiles\6uy3eegp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.19 17:58:55 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Toni\AppData\Roaming\mozilla\Firefox\Profiles\6uy3eegp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013.06.17 01:27:29 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Toni\AppData\Roaming\mozilla\firefox\profiles\6uy3eegp.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.06.17 13:59:02 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Toni\AppData\Roaming\mozilla\firefox\profiles\6uy3eegp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.06.26 19:46:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013.06.26 19:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.06.26 19:46:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013.07.10 21:55:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [Winsplit] C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{168D2354-8729-4C0E-A62D-A72983FB679E}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F69A70D-6D74-4BE1-A9DF-D34AAFA5D880}: NameServer = 10.74.210.210 10.74.210.211
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\Windows\SysWOW64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.29 11:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.06.28 02:43:22 | 000,000,048 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.12 20:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013.07.11 23:53:07 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2013.07.11 23:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.07.11 23:28:01 | 009,833,328 | ---- | C] (SurfRight B.V.) -- C:\Users\Toni\Desktop\HitmanPro_x64.exe
[2013.07.11 23:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013.07.11 23:02:26 | 001,093,032 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll
[2013.07.11 23:02:26 | 000,972,712 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2013.07.11 23:02:26 | 000,312,232 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2013.07.11 23:02:18 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2013.07.11 23:02:18 | 000,188,840 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2013.07.11 23:02:18 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2013.07.11 23:02:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.07.11 22:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.07.11 22:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.07.11 11:42:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.07.11 03:07:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013.07.11 03:07:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013.07.11 03:07:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013.07.11 03:07:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013.07.11 03:07:11 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013.07.11 03:07:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.11 03:07:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013.07.11 03:07:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013.07.11 03:07:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.07.11 03:07:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013.07.11 03:07:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013.07.11 03:07:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.07.11 03:07:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.07.11 03:07:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.07.11 03:07:08 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.07.10 23:06:13 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Malwarebytes
[2013.07.10 23:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.10 23:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.10 23:05:27 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.07.10 23:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.10 22:59:17 | 004,396,440 | ---- | C] (Piriform Ltd) -- C:\Users\Toni\Desktop\ccsetup403.exe
[2013.07.10 21:40:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.07.10 21:40:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.07.10 21:40:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.07.10 21:37:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.10 21:36:34 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.07.10 21:33:07 | 005,087,643 | R--- | C] (Swearware) -- C:\Users\Toni\Desktop\ComboFix.exe
[2013.07.10 20:36:56 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Toni\Desktop\tdsskiller.exe
[2013.07.10 05:24:39 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2013.07.10 05:24:39 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2013.07.10 05:24:37 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013.07.10 05:24:37 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013.07.10 05:23:25 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.07.09 22:11:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Toni\Desktop\HiJackThis204.exe
[2013.07.09 06:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.07.08 11:18:55 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\Camera
[2013.07.08 01:02:23 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\vlc
[2013.07.08 01:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.07.08 01:00:23 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.07.07 15:58:34 | 002,212,656 | ---- | C] (ELAN Microelectronics Corp.) -- C:\windows\ETDUninst.dll
[2013.07.05 09:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2013.06.29 02:03:21 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\CrashRpt
[2013.06.29 02:02:45 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Programs
[2013.06.29 00:05:46 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_7.dll
[2013.06.29 00:05:46 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_7.dll
[2013.06.29 00:05:46 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_7.dll
[2013.06.29 00:05:46 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_7.dll
[2013.06.29 00:05:46 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_5.dll
[2013.06.29 00:05:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_5.dll
[2013.06.29 00:05:45 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_43.dll
[2013.06.29 00:05:45 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2013.06.29 00:05:45 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_43.dll
[2013.06.29 00:05:45 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_43.dll
[2013.06.29 00:05:44 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_43.dll
[2013.06.29 00:05:44 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_43.dll
[2013.06.29 00:05:44 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_43.dll
[2013.06.29 00:05:44 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_43.dll
[2013.06.29 00:05:43 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_43.dll
[2013.06.29 00:05:43 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_43.dll
[2013.06.29 00:05:42 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
[2013.06.29 00:05:42 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
[2013.06.29 00:05:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
[2013.06.29 00:05:42 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
[2013.06.29 00:05:42 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
[2013.06.29 00:05:42 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
[2013.06.29 00:05:41 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
[2013.06.29 00:05:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
[2013.06.29 00:05:38 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
[2013.06.29 00:05:38 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_5.dll
[2013.06.29 00:05:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
[2013.06.29 00:05:38 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
[2013.06.29 00:05:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
[2013.06.29 00:05:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
[2013.06.29 00:05:36 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
[2013.06.29 00:05:36 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
[2013.06.29 00:05:35 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
[2013.06.29 00:05:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2013.06.29 00:05:34 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_42.dll
[2013.06.29 00:05:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_42.dll
[2013.06.29 00:05:33 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
[2013.06.29 00:05:33 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2013.06.29 00:05:32 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2013.06.29 00:05:32 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2013.06.29 00:05:31 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2013.06.29 00:05:31 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2013.06.29 00:05:30 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2013.06.29 00:05:30 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2013.06.29 00:05:30 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2013.06.29 00:05:30 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_3.dll
[2013.06.29 00:05:29 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2013.06.29 00:05:29 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2013.06.29 00:05:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2013.06.29 00:05:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2013.06.29 00:05:28 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2013.06.29 00:05:28 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2013.06.29 00:05:28 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2013.06.29 00:05:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2013.06.29 00:05:27 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2013.06.29 00:05:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2013.06.29 00:05:26 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2013.06.29 00:05:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2013.06.29 00:05:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2013.06.29 00:05:26 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2013.06.29 00:05:26 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2013.06.29 00:05:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2013.06.29 00:05:24 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2013.06.29 00:05:24 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2013.06.29 00:05:23 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2013.06.29 00:05:23 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2013.06.29 00:05:23 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2013.06.29 00:05:23 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2013.06.29 00:05:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2013.06.29 00:05:22 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2013.06.29 00:05:20 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2013.06.29 00:05:20 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2013.06.29 00:05:20 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2013.06.29 00:05:20 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2013.06.29 00:05:19 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2013.06.29 00:05:19 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2013.06.29 00:05:18 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2013.06.29 00:05:18 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2013.06.29 00:05:18 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2013.06.29 00:05:18 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2013.06.29 00:05:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2013.06.29 00:05:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2013.06.29 00:05:16 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2013.06.29 00:05:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2013.06.29 00:05:15 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2013.06.29 00:05:15 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2013.06.29 00:05:15 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2013.06.29 00:05:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2013.06.29 00:05:14 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2013.06.29 00:05:14 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2013.06.29 00:05:14 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2013.06.29 00:05:14 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2013.06.29 00:05:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2013.06.29 00:05:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2013.06.29 00:05:12 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2013.06.29 00:05:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2013.06.29 00:05:11 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2013.06.29 00:05:11 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2013.06.29 00:05:11 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2013.06.29 00:05:11 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2013.06.29 00:05:10 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2013.06.29 00:05:10 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2013.06.29 00:05:10 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2013.06.29 00:05:10 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2013.06.29 00:05:08 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2013.06.29 00:05:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2013.06.29 00:05:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2013.06.29 00:05:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2013.06.29 00:05:07 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2013.06.29 00:05:07 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2013.06.29 00:05:06 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2013.06.29 00:05:06 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2013.06.29 00:05:04 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2013.06.29 00:05:04 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2013.06.29 00:05:04 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2013.06.29 00:05:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2013.06.29 00:05:03 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2013.06.29 00:05:03 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2013.06.29 00:05:03 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2013.06.29 00:05:03 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2013.06.29 00:05:03 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2013.06.29 00:05:03 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2013.06.29 00:05:02 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2013.06.29 00:05:02 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2013.06.29 00:05:02 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2013.06.29 00:05:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2013.06.29 00:05:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2013.06.29 00:05:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2013.06.29 00:05:01 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2013.06.29 00:05:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2013.06.29 00:05:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2013.06.29 00:05:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2013.06.29 00:04:59 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2013.06.29 00:04:59 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2013.06.29 00:04:59 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2013.06.29 00:04:59 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2013.06.29 00:04:58 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2013.06.29 00:04:58 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2013.06.29 00:04:57 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2013.06.29 00:04:57 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2013.06.29 00:04:57 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2013.06.29 00:04:57 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2013.06.29 00:04:56 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2013.06.29 00:04:56 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2013.06.29 00:04:53 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll
[2013.06.29 00:04:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2013.06.29 00:04:52 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2013.06.29 00:04:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2013.06.29 00:04:52 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2013.06.29 00:04:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2013.06.29 00:04:51 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2013.06.29 00:04:51 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2013.06.29 00:04:50 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2013.06.29 00:04:50 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2013.06.29 00:04:49 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2013.06.29 00:04:49 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2013.06.29 00:04:49 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2013.06.29 00:04:49 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2013.06.29 00:04:48 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2013.06.29 00:04:48 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2013.06.29 00:04:47 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2013.06.29 00:04:47 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2013.06.29 00:04:39 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2013.06.29 00:04:39 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2013.06.29 00:04:38 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2013.06.29 00:04:38 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2013.06.29 00:04:38 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2013.06.29 00:04:38 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2013.06.29 00:04:38 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2013.06.29 00:04:38 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2013.06.29 00:04:37 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2013.06.29 00:04:37 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2013.06.29 00:04:36 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2013.06.29 00:04:36 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2013.06.29 00:04:35 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2013.06.29 00:04:35 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2013.06.29 00:04:34 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2013.06.29 00:04:34 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2013.06.29 00:04:32 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2013.06.29 00:04:32 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2013.06.28 23:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.06.28 23:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013.06.26 19:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.23 08:43:41 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Winsplit Revolution
[2013.06.23 08:43:29 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinSplit Revolution
[2013.06.23 08:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSplit Revolution
[2013.06.23 08:43:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSplit Revolution
[2013.06.23 07:25:27 | 000,000,000 | -HSD | C] -- C:\windows\ftpcache
[2013.06.20 16:51:46 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\dvdcss
[2013.06.19 23:31:46 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\{D0E65438-E603-4BED-A1F4-836334F53C78}
[2013.06.19 23:31:45 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\{0DD427DF-99B0-4A95-8D7F-903E10CBD680}
[2013.06.19 20:51:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Toni\Desktop\OTL.exe
[2013.06.19 20:28:46 | 001,071,244 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Toni\Desktop\mbam-setup-1.75.0.1300.exe
[2013.06.19 17:29:03 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\liQeNSoft
[2013.06.19 13:15:19 | 000,076,944 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\bdvedisk.sys
[2013.06.19 13:14:46 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\windows\SysNative\drivers\BdfNdisf6.sys
[2013.06.19 13:14:46 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\drivers\bdsandbox.sys
[2013.06.19 13:14:36 | 000,593,144 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avckf.sys
[2013.06.19 13:14:34 | 000,718,840 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avc3.sys
[2013.06.19 13:06:38 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Bitdefender
[2013.06.19 13:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013.06.19 13:00:18 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\windows\SysNative\drivers\gzflt.sys
[2013.06.19 13:00:17 | 000,382,536 | ---- | C] (BitDefender S.R.L.) -- C:\windows\SysNative\drivers\trufos.sys
[2013.06.19 12:49:59 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\liQeNSoft
[2013.06.19 12:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013.06.19 11:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013.06.19 11:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013.06.19 11:49:36 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\capicom.dll
[2013.06.19 11:49:27 | 000,261,056 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avchv.sys
[2013.06.19 10:38:35 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\QuickScan
[2013.06.19 10:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013.06.18 19:06:29 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Diagnostics
[2013.06.18 16:34:19 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Easy File Share
[2013.06.18 14:53:20 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\VirtualStore
[2013.06.17 11:13:53 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\QuickPar
[2013.06.17 11:09:59 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
[2013.06.17 11:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2013.06.17 11:09:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2013.06.17 09:50:04 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\ElevatedDiagnostics
[2013.06.17 00:49:08 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\UseNeXT
[2013.06.17 00:49:05 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\UseNeXT
[2013.06.17 00:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
[2013.06.17 00:48:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UseNeXT
[2013.06.14 08:46:45 | 000,000,000 | ---D | C] -- C:\Users\Toni\dwhelper
[2013.06.13 17:42:13 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.06.13 17:42:13 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013.06.13 17:42:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2013.06.13 17:42:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2013.06.13 17:42:09 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.06.13 17:42:02 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013.06.13 17:42:02 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2013.06.13 17:42:02 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2013.06.13 17:42:01 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2013.06.13 17:42:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certenc.dll
[2013.06.13 17:42:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certenc.dll
[2013.06.13 17:41:57 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013.06.13 17:41:57 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013.06.13 13:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2013.06.13 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\BitTorrent
[2013.06.13 12:56:13 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\WinRAR
[2013.06.13 12:56:13 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.06.13 12:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.06.13 12:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2013.06.12 22:12:42 | 009,089,416 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.12 20:12:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.07.12 11:55:35 | 000,028,624 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.12 11:55:35 | 000,028,624 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.12 11:48:12 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.07.12 00:05:43 | 570,892,576 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013.07.12 00:05:39 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.11 23:28:03 | 009,833,328 | ---- | M] (SurfRight B.V.) -- C:\Users\Toni\Desktop\HitmanPro_x64.exe
[2013.07.11 23:21:00 | 000,000,101 | ---- | M] () -- C:\windows\DeleteOnReboot.bat
[2013.07.11 23:02:11 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2013.07.11 23:02:09 | 001,093,032 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll
[2013.07.11 23:02:09 | 000,972,712 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2013.07.11 23:02:09 | 000,312,232 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2013.07.11 23:02:09 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2013.07.11 23:02:09 | 000,188,840 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2013.07.11 23:01:50 | 000,662,345 | ---- | M] () -- C:\Users\Toni\Desktop\adwcleaner.exe
[2013.07.11 22:22:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.07.11 22:08:06 | 083,861,564 | ---- | M] () -- C:\Users\Toni\Desktop\993033_anal_fisting_amp_fotzenspanking_passion_girl_german_a.flv
[2013.07.11 03:32:33 | 000,277,648 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.07.11 03:11:58 | 001,519,874 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.07.11 03:11:58 | 000,654,166 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.07.11 03:11:58 | 000,616,008 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.07.11 03:11:58 | 000,130,006 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.07.11 03:11:58 | 000,106,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.07.10 23:05:36 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.10 22:59:24 | 004,396,440 | ---- | M] (Piriform Ltd) -- C:\Users\Toni\Desktop\ccsetup403.exe
[2013.07.10 21:55:04 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013.07.10 21:33:35 | 005,087,643 | R--- | M] (Swearware) -- C:\Users\Toni\Desktop\ComboFix.exe
[2013.07.10 20:46:06 | 000,023,284 | ---- | M] () -- C:\Users\Toni\Desktop\TDSSKiller.2.8.16.0_10.07.2013_20.38.34_log.rar
[2013.07.10 20:37:17 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Toni\Desktop\tdsskiller.exe
[2013.07.10 01:39:31 | 000,017,464 | ---- | M] () -- C:\Users\Toni\Desktop\OTL.rar
[2013.07.09 22:11:21 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Toni\Desktop\HiJackThis204.exe
[2013.07.08 04:13:51 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2013.07.08 04:13:51 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2013.07.08 01:00:42 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.07.07 23:14:21 | 008,496,000 | ---- | M] () -- C:\Users\Toni\Desktop\Marteria - Verstrahlt feat. Yasha (Offizielles Musikvideo).mp3
[2013.07.07 23:13:37 | 008,747,520 | ---- | M] () -- C:\Users\Toni\Desktop\Marteria - Sekundenschlaf (Offizielles Musikvideo).mp3
[2013.07.07 23:12:14 | 008,413,440 | ---- | M] () -- C:\Users\Toni\Desktop\Marteria - Marteria Girl (Offizielles Musikvideo).mp3
[2013.07.07 13:59:58 | 000,000,494 | ---- | M] () -- C:\Users\Toni\Desktop\Filme.lnk
[2013.06.20 21:01:53 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013.06.20 21:01:53 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013.06.20 21:01:53 | 000,000,686 | -H-- | M] () -- C:\bdr-cf01
[2013.06.19 20:51:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Desktop\OTL.exe
[2013.06.19 20:47:37 | 001,071,244 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Toni\Desktop\mbam-setup-1.75.0.1300.exe
[2013.06.19 17:14:11 | 000,000,385 | ---- | M] () -- C:\windows\SysNative\user_gensett.xml
[2013.06.19 16:34:17 | 002,510,608 | -H-- | M] () -- C:\bdr-bz01
[2013.06.19 16:33:59 | 038,516,263 | -H-- | M] () -- C:\bdr-im01.gz
[2013.06.19 13:16:09 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2013.06.19 11:56:22 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.06.17 00:48:58 | 000,001,857 | ---- | M] () -- C:\Users\Toni\Desktop\UseNeXT by Tangysoft.lnk
[2013.06.12 22:12:49 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 22:12:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.12 22:12:42 | 009,089,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
 
========== Files Created - No Company Name ==========
 
[2013.07.11 23:52:34 | 570,892,576 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013.07.11 23:20:45 | 000,000,101 | ---- | C] () -- C:\windows\DeleteOnReboot.bat
[2013.07.11 23:01:49 | 000,662,345 | ---- | C] () -- C:\Users\Toni\Desktop\adwcleaner.exe
[2013.07.11 22:22:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.07.11 21:51:05 | 083,861,564 | ---- | C] () -- C:\Users\Toni\Desktop\993033_anal_fisting_amp_fotzenspanking_passion_girl_german_a.flv
[2013.07.10 23:05:36 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.10 21:40:56 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.07.10 21:40:56 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.07.10 21:40:56 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.07.10 21:40:56 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.07.10 21:40:56 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.07.10 20:46:06 | 000,023,284 | ---- | C] () -- C:\Users\Toni\Desktop\TDSSKiller.2.8.16.0_10.07.2013_20.38.34_log.rar
[2013.07.10 01:39:31 | 000,017,464 | ---- | C] () -- C:\Users\Toni\Desktop\OTL.rar
[2013.07.08 01:00:42 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.07.07 23:14:05 | 008,496,000 | ---- | C] () -- C:\Users\Toni\Desktop\Marteria - Verstrahlt feat. Yasha (Offizielles Musikvideo).mp3
[2013.07.07 23:13:20 | 008,747,520 | ---- | C] () -- C:\Users\Toni\Desktop\Marteria - Sekundenschlaf (Offizielles Musikvideo).mp3
[2013.07.07 23:11:56 | 008,413,440 | ---- | C] () -- C:\Users\Toni\Desktop\Marteria - Marteria Girl (Offizielles Musikvideo).mp3
[2013.07.07 13:59:58 | 000,000,494 | ---- | C] () -- C:\Users\Toni\Desktop\Filme.lnk
[2013.06.19 17:14:11 | 000,000,385 | ---- | C] () -- C:\windows\SysNative\user_gensett.xml
[2013.06.19 16:34:59 | 038,516,263 | -H-- | C] () -- C:\bdr-im01.gz
[2013.06.19 16:34:59 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2013.06.19 16:34:59 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013.06.19 16:34:59 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013.06.19 13:16:38 | 000,000,686 | -H-- | C] () -- C:\bdr-cf01
[2013.06.19 13:16:09 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2013.06.19 11:56:22 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.06.17 00:48:58 | 000,001,857 | ---- | C] () -- C:\Users\Toni\Desktop\UseNeXT by Tangysoft.lnk
[2012.03.08 08:50:41 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2012.03.08 07:55:08 | 000,001,370 | ---- | C] () -- C:\windows\HotFixList.ini
[2011.07.21 07:51:15 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011.07.21 07:51:14 | 000,207,376 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011.07.21 07:51:12 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
--- --- ---
__________________
Alt 15.07.2013, 19:09   #19
markusg
/// Malware-holic
 
verschiedene prozesse .exe *32 - Standard

verschiedene prozesse .exe *32


Hi,


otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
ATTFilter
:OTL
IE - HKCU\..\SearchScopes\{7F8FBB22-875E-4267-AAAC-7CD3B6CD9493}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=082C3D5C-33A0-4294-A99B-1B2A7C662278&apn_sauid=8606C267-44C5-4AF5-9504-5A186E6EED48
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found
:files
:Commands
[emptytemp]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread


bitte teste, ob es im Firefox, internet explorer, und sonstigen
evtl. instalierte Browser, irgendwelche ungewollten toolbars, umleitungen oder sonstigen Probleme gibt.
Teste wie pc und programme allgemein laufen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 17.07.2013, 05:32   #20
xXBUDDAHXx
 
verschiedene prozesse .exe *32 - Standard

verschiedene prozesse .exe *32


moin
firefox läuft normal, internet explorer lässt sich öffnen sonst geht nichts aber egal brauch ich eh nicht...


All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F8FBB22-875E-4267-AAAC-7CD3B6CD9493}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F8FBB22-875E-4267-AAAC-7CD3B6CD9493}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: samsung
->Temp folder emptied: 0 bytes

User: Toni
->Temp folder emptied: 16487 bytes
->Temporary Internet Files folder emptied: 676479 bytes
->Java cache emptied: 1182028 bytes
->FireFox cache emptied: 71550651 bytes
->Flash cache emptied: 1025 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41242890 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50562 bytes
RecycleBin emptied: 1476566266 bytes

Total Files Cleaned = 1.518,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07172013_061947

Files\Folders moved on Reboot...
C:\Users\Toni\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\windows\temp\~bdDEB4.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Alt 21.07.2013, 18:37   #21
xXBUDDAHXx
 
verschiedene prozesse .exe *32 - Standard

verschiedene prozesse .exe *32


also hast du auch keine ahnung ?! na toll dann kann ich dass ding ja weg schmeissen ...trotzdem vielen dank für die bemühungen LG Toni

Antwort
Seite 2 von 2 1 2

Themen zu verschiedene prozesse .exe *32
adobe, adobe flash player, bho, browser, defender, desktop, exe, explorer, firefox, flash player, helper, hijack, hijackthis, internet, internet explorer, langsam, mozilla, nvidia, plug-in, programm, prozesse, security, sehr langsam, software, symantec, usenext, virus, windows


« Angezeigte Seite springt auf: Mythings.com | Win7 GVU Trojaner / abges. Modus geht nicht / frst64 scan liegt vor »


Ähnliche Themen: verschiedene prozesse .exe *32


  1. CMD-Fenster öffnet sich bei Systemstart und startet viele verschiedene Prozesse
    Plagegeister aller Art und deren Bekämpfung - 03.09.2015 (14)
  2. SergeLeLama.vbs im autostart und verschiedene nicht zu beendende Prozesse
    Log-Analyse und Auswertung - 29.07.2014 (6)
  3. Verschiedene, unbekannte und nicht zu beendende Prozesse!
    Plagegeister aller Art und deren Bekämpfung - 10.07.2014 (9)
  4. Wie schließt man 2 verschiedene Monitore mit 2 verschiedene Grafikkarten richtig an?
    Netzwerk und Hardware - 11.02.2014 (5)
  5. Verschiedene Probleme
    Plagegeister aller Art und deren Bekämpfung - 06.11.2013 (31)
  6. Verschiedene Trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.01.2013 (15)
  7. Verschiedene Probleme!
    Log-Analyse und Auswertung - 20.01.2010 (3)
  8. Verschiedene Trojaner
    Plagegeister aller Art und deren Bekämpfung - 14.02.2009 (1)
  9. Verschiedene Probleme!
    Plagegeister aller Art und deren Bekämpfung - 06.11.2008 (0)
  10. Verschiedene trojaner
    Log-Analyse und Auswertung - 17.10.2008 (2)
  11. Verschiedene Viren
    Plagegeister aller Art und deren Bekämpfung - 09.07.2008 (9)
  12. Verschiedene W-32 und ICQ Viren
    Plagegeister aller Art und deren Bekämpfung - 02.04.2007 (4)
  13. verschiedene
    Plagegeister aller Art und deren Bekämpfung - 28.11.2005 (5)
  14. Prozesse über prozesse
    Log-Analyse und Auswertung - 15.11.2005 (2)
  15. Verschiedene Trojaner
    Plagegeister aller Art und deren Bekämpfung - 23.02.2005 (0)
  16. verschiedene virenschützer
    Plagegeister aller Art und deren Bekämpfung - 02.03.2003 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema verschiedene prozesse .exe *32 - ok sorry ..ich hab vergessen neu zu starten und hab mit hitman gescant Code: Alles auswählen Aufklappen ATTFilter HitmanPro 3.7.6.201 www.hitmanpro.com Computer name . . . . : SAMSUNG-PC Windows - verschiedene prozesse .exe *32...
Archiv
Du betrachtest: verschiedene prozesse .exe *32 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131