Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
onlinegame geht nicht mehr richtig

onlinegame geht nicht mehr richtig


Plagegeister aller Art und deren Bekämpfung: onlinegame geht nicht mehr richtig

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 28.02.2014, 21:32   #1
Mischka
 
onlinegame geht nicht mehr richtig - Standard

onlinegame geht nicht mehr richtig


es gibt massive brobleme mit onlinegames wen ich was rauschicke wird es nicht weitergeleitet
hab den verdacht das da was nicht stimt
ps es sind alle drei rechner betroffen!!!!

meine freundin hat aus panik combofix lauefen gelassen (grrrrrrrrrrrrrrrrr)
Hier der log vom combofix:
code:ComboFix 14-02-24.02 - Michael 01.03.2014 8:54:56.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16379.11231 [GMT 1:00]
ausgeführt von:: C:\Users\milari\Desktop\ComboFix.exe
AV: Norton Internet Security CBE *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security CBE *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security CBE *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt


(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))


C:\LIL1496.tmp
C:\LIL1497.tmp
C:\LIL14A5.tmp
C:\LIL14A6.tmp
C:\LIL14A7.tmp
C:\Users\Michael\AppData\Roaming\352

Infizierte Kopie von C:\Windows\SysWow64\userinit.exe wurde gefunden und desinfiziert
Kopie von - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt


((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_DCService.exe


((((((((((((((((((((((( Dateien erstellt von 2014-02-01 bis 2014-03-01 ))))))))))))))))))))))))))))))


2014-03-01 08:02:49 . 2014-03-01 08:45:20 -------- d-----w- C:\Users\Michael\AppData\Local\temp
2014-03-01 08:02:49 . 2014-03-01 08:02:49 -------- d-----w- C:\Users\hedev\AppData\Local\temp
2014-03-01 08:02:49 . 2014-03-01 08:02:49 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-02-28 17:48:24 . 2014-02-28 17:50:32 -------- d-----w- C:\AdwCleaner
2014-02-28 16:50:11 . 2014-02-28 16:48:49 1227465 ----a-w- C:\Windows\unins000.exe
2014-02-28 16:50:00 . 2014-02-28 17:13:11 -------- d-----w- C:\Program Files (x86)\monarimo
2014-02-23 14:07:08 . 2014-02-23 14:07:08 -------- d-----w- C:\ProgramData\Ralink
2014-02-23 14:03:32 . 2014-02-23 14:03:32 -------- d-----w- C:\Users\Michael\AppData\Roaming\InstallShield
2014-02-17 12:41:00 . 2010-02-04 09:01:14 78680 ----a-w- C:\Windows\system32\XAPOFX1_4.dll
2014-02-17 12:41:00 . 2010-02-04 09:01:14 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2014-02-17 12:41:00 . 2010-02-04 09:01:14 530776 ----a-w- C:\Windows\system32\XAudio2_6.dll
2014-02-17 12:41:00 . 2010-02-04 09:01:14 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2014-02-15 06:46:26 . 2013-12-16 00:54:16 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD0894C7-1F65-4EC0-BE8E-EEB4E726D92D}\mpengine.dll
2014-02-14 02:01:40 . 2013-12-21 09:53:45 548864 ----a-w- C:\Windows\system32\vbscript.dll
2014-02-14 02:01:40 . 2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-13 06:29:27 . 2013-12-06 02:30:08 2048 ----a-w- C:\Windows\system32\msxml3r.dll
2014-02-08 05:03:11 . 2014-02-08 05:03:11 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2014-02-08 05:01:39 . 2014-02-08 05:01:28 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-08 05:01:25 . 2014-02-08 05:01:25 -------- d-----w- C:\Program Files (x86)\Java
2014-02-08 04:55:43 . 2014-02-08 04:55:44 -------- d-----w- C:\ProgramData\Oracle
.


(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-03-01 08:45:11 . 2013-03-07 07:58:05 16152 ----a-w- C:\Windows\system32\drivers\SWDUMon.sys
2014-02-22 08:16:33 . 2012-12-21 16:19:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-22 08:16:33 . 2012-12-21 16:19:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-18 02:00:40 . 2012-12-21 00:07:51 88567024 ----a-w- C:\Windows\system32\MRT.exe
2014-01-02 10:29:49 . 2013-11-17 08:01:14 893552 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-01-02 10:22:14 . 2013-11-19 12:28:57 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-01-01 04:52:22 . 2013-11-19 12:31:03 893552 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-01-01 04:45:33 . 2013-11-17 07:54:13 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-26 10:54:41 . 2013-11-17 07:53:58 1236816 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-12-18 05:13:56 . 2013-01-29 11:50:19 270496 ------w- C:\Windows\system32\MpSigStub.exe
2013-12-12 10:27:58 . 2013-11-19 12:28:50 1236816 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-12-02 17:46:13 . 2013-01-13 21:23:22 2968624 ----a-w- C:\Windows\PE_Rom.dll
2013-12-02 17:43:34 . 2013-01-13 21:37:06 3039152 ----a-w- C:\Windows\PE_File.dll
2013-12-02 11:09:38 . 2013-12-02 11:09:38 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2013-12-02 11:09:38 . 2013-12-02 11:09:37 940032 ----a-w- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 942592 ----a-w- C:\Windows\system32\jsIntl.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 86016 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 86016 ----a-w- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 74240 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 645120 ----a-w- C:\Windows\SysWow64\jsIntl.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 62464 ----a-w- C:\Windows\SysWow64\tdc.ocx
2013-12-02 11:09:29 . 2013-12-02 11:09:29 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 36352 ----a-w- C:\Windows\SysWow64\imgutil.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 34816 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 337408 ----a-w- C:\Windows\SysWow64\html.iec
2013-12-02 11:09:29 . 2013-12-02 11:09:29 247808 ----a-w- C:\Windows\system32\msls31.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 24576 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 235008 ----a-w- C:\Windows\system32\elshyph.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 182272 ----a-w- C:\Windows\SysWow64\msls31.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 151552 ----a-w- C:\Windows\SysWow64\iexpress.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 139264 ----a-w- C:\Windows\SysWow64\wextract.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 13312 ----a-w- C:\Windows\SysWow64\mshta.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 111616 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 1051136 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 90112 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 84992 ----a-w- C:\Windows\system32\mshtmled.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 83968 ----a-w- C:\Windows\system32\MshtmlDac.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 81408 ----a-w- C:\Windows\system32\icardie.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 774144 ----a-w- C:\Windows\system32\jscript.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 77312 ----a-w- C:\Windows\system32\tdc.ocx
2013-12-02 11:09:28 . 2013-12-02 11:09:28 62464 ----a-w- C:\Windows\system32\pngfilt.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 616104 ----a-w- C:\Windows\system32\ieapfltr.dat
2013-12-02 11:09:28 . 2013-12-02 11:09:28 52224 ----a-w- C:\Windows\system32\msfeedsbs.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 48640 ----a-w- C:\Windows\system32\mshtmler.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 48128 ----a-w- C:\Windows\system32\imgutil.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 453120 ----a-w- C:\Windows\system32\dxtmsft.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 413696 ----a-w- C:\Windows\system32\html.iec
2013-12-02 11:09:28 . 2013-12-02 11:09:28 40448 ----a-w- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 30208 ----a-w- C:\Windows\system32\licmgr10.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 296960 ----a-w- C:\Windows\system32\dxtrans.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 263376 ----a-w- C:\Windows\system32\iedkcs32.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 243200 ----a-w- C:\Windows\system32\webcheck.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 235520 ----a-w- C:\Windows\system32\url.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 167424 ----a-w- C:\Windows\system32\iexpress.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 147968 ----a-w- C:\Windows\system32\occache.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 143872 ----a-w- C:\Windows\system32\wextract.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 13824 ----a-w- C:\Windows\system32\mshta.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 135680 ----a-w- C:\Windows\system32\iepeers.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 13312 ----a-w- C:\Windows\system32\msfeedssync.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 131072 ----a-w- C:\Windows\system32\IEAdvpack.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 1228800 ----a-w- C:\Windows\system32\mshtmlmedia.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 105984 ----a-w- C:\Windows\system32\iesysprep.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 101376 ----a-w- C:\Windows\system32\inseng.dll


hab selber otl ausgeführt hier die beiden logs

OTL
code:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 01.03.2014 09:25:53 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\milari\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

16,00 Gb Total Physical Memory | 12,36 Gb Available Physical Memory | 77,29% Memory free
31,99 Gb Paging File | 28,39 Gb Available in Paging File | 88,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 145,49 Gb Total Space | 13,79 Gb Free Space | 9,48% Space Free | Partition Type: NTFS
Drive D: | 3,54 Gb Total Space | 3,46 Gb Free Space | 97,63% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 21,34 Gb Free Space | 14,32% Space Free | Partition Type: NTFS
Drive F: | 29,30 Gb Total Space | 2,61 Gb Free Space | 8,92% Space Free | Partition Type: NTFS
Drive G: | 268,79 Gb Total Space | 79,65 Gb Free Space | 29,63% Space Free | Partition Type: NTFS
Drive H: | 21,05 Gb Total Space | 6,79 Gb Free Space | 32,24% Space Free | Partition Type: NTFS
Drive I: | 29,29 Gb Total Space | 12,90 Gb Free Space | 44,02% Space Free | Partition Type: NTFS
Drive J: | 52,00 Gb Total Space | 5,04 Gb Free Space | 9,70% Space Free | Partition Type: NTFS
Drive K: | 35,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 46,70 Gb Total Space | 13,36 Gb Free Space | 28,60% Space Free | Partition Type: NTFS
Drive T: | 3,65 Gb Total Space | 1,59 Gb Free Space | 43,48% Space Free | Partition Type: FAT32

Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.03.01 09:24:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milari\Desktop\OTL.exe
PRC - [2014.02.22 09:16:33 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
PRC - [2014.02.15 09:07:37 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.11.14 19:38:23 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
PRC - [2013.10.08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\nis.exe
PRC - [2013.08.20 16:07:58 | 003,455,264 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe
PRC - [2013.08.20 16:07:16 | 000,427,520 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2012.09.28 15:23:00 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2012.08.13 22:15:34 | 001,568,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe
PRC - [2012.06.01 17:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012.06.01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012.04.24 16:05:14 | 012,660,072 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaUI.exe
PRC - [2012.03.13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012.02.17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012.01.12 23:00:04 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
PRC - [2011.12.01 17:11:48 | 000,743,936 | ---- | M] () -- C:\Program Files (x86)\CPUCooL\CooLSRV.exe
PRC - [2011.05.11 19:47:06 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe
PRC - [2011.05.11 19:47:02 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\sp6\LU\LULnchr.exe
PRC - [2011.05.05 16:09:56 | 006,696,960 | ---- | M] () -- C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtWLan.exe
PRC - [2011.01.19 09:27:22 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe
PRC - [2009.12.31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\milari\AppData\Roaming\Telekom Internet Manager\ouc.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.22 09:16:33 | 016,265,096 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014.02.15 09:07:37 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.04.24 16:41:14 | 001,087,336 | ---- | M] () -- C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.10.08 13:52:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.10.08 09:34:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.03.16 01:24:18 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbccoms.exe -- (lxbc_device)
SRV - [2014.02.22 09:16:37 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.15 09:07:37 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.01.17 20:01:08 | 000,187,592 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.08.20 16:07:16 | 000,427,520 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013.07.22 10:29:31 | 000,026,088 | ---- | M] (CyberGhost S.R.L) [Auto | Stopped] -- C:\Programme\CyberGhost VPN\Service.exe -- (CGVPNCliService)
SRV - [2013.02.10 14:55:30 | 000,012,288 | ---- | M] (Chris Pietschmann (hxxp://pietschsoft.com)) [Auto | Running] -- C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2012.10.01 08:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.08.13 22:15:34 | 001,568,640 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012.06.01 17:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012.06.01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012.02.17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012.01.12 23:01:12 | 000,447,488 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2012.01.12 23:00:04 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011.12.09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011.12.01 17:11:48 | 000,743,936 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CPUCooL\CooLSRV.exe -- (CPUCooLServer)
SRV - [2011.08.18 17:53:38 | 000,625,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2011.01.19 09:27:22 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe -- (AsusSE)
SRV - [2010.05.20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.29 22:23:28 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP5\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.03.16 01:24:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbccoms.exe -- (lxbc_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.02.28 19:59:33 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013.11.20 15:08:40 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.11.14 19:47:30 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.10.08 14:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.10.08 13:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.09.27 04:18:30 | 001,147,480 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.09.27 03:26:03 | 000,858,200 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.09.26 04:28:00 | 000,590,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.09.26 03:50:25 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.09.02 19:39:27 | 000,034,840 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy3.sys -- (cnnctfy3)
DRV:64bit: - [2013.08.01 12:39:46 | 000,633,680 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2013.08.01 12:39:46 | 000,390,352 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2013.08.01 12:39:46 | 000,090,960 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2013.08.01 04:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symds64.sys -- (SymDS)
DRV:64bit: - [2013.07.31 05:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.07.31 04:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.07.05 09:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.02.12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.02.08 15:45:38 | 000,036,736 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013.02.07 22:11:25 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.12.20 16:23:42 | 000,014,952 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2012.09.18 10:32:44 | 000,042,808 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2012.09.18 10:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2012.09.18 10:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.05.31 11:06:14 | 000,032,400 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012.04.17 10:31:12 | 001,728,064 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2011.09.29 10:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 11:55:48 | 001,143,400 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011.03.14 19:28:21 | 000,195,584 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2011.03.14 19:28:21 | 000,137,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.11 20:12:02 | 000,019,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ntiopnp.sys -- (ntiopnp)
DRV:64bit: - [2010.05.20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009.12.15 10:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
DRV:64bit: - [2009.12.15 10:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
DRV:64bit: - [2009.12.07 19:53:26 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.10.12 15:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.17 08:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus)
DRV:64bit: - [2007.07.24 03:53:04 | 000,125,992 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PnP680r.sys -- (Pnp680r)
DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.11.10 14:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2000.01.01 01:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000.01.01 01:00:00 | 000,011,904 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV - [2014.02.27 18:47:06 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140227.009\ex64.sys -- (NAVEX15)
DRV - [2014.02.27 18:47:06 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140227.009\eng64.sys -- (NAVENG)
DRV - [2014.01.22 00:37:39 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140227.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014.01.17 20:01:06 | 000,202,600 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2013.12.18 01:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140214.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.11.23 21:58:56 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.11.23 21:58:56 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.08.01 12:39:48 | 000,019,792 | ---- | M] (Paragon Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Paragon Software\Festplatten Manager 2013 Kompakt\program\biontdrv.sys -- (BioNTDrv)
DRV - [2012.11.20 13:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.08.22 19:25:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 01 A6 47 0D 1F 15 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.01.21 14:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.03.07 16:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ [2014.03.01 09:16:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013.11.15 18:03:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quick_start@gmail.com: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com [2014.02.28 17:55:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.12.20 22:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions
[2014.02.28 17:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\jqqnzp32.default\extensions
[2014.02.28 17:55:52 | 000,000,000 | ---D | M] ("Quick Start") -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com
[2014.02.26 06:23:14 | 000,008,260 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\jqqnzp32.default\extensions\{172bcbe1-7d37-447b-8382-ef306da590c5}.xpi
[2014.02.27 21:31:56 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\jqqnzp32.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.11.16 09:40:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.02.15 09:07:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014.03.01 09:02:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [combofix] C:\ComboFix\CF26397.3XE (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [D3DOverrider] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DT Empfehlungstool] "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1 File not found
O4 - HKCU..\Run: [DT Emphelungstool] "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1 File not found
O4 - HKCU..\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKCU..\Run: [uTorrent] C:\Users\Michael\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4:64bit: - HKLM..\RunOnce: [combofix] C:\ComboFix\CF26397.3XE (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E7AE781-3A1B-4352-9509-67E8E9E098F8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - J:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.03.01 09:06:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.03.01 09:02:49 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.03.01 09:02:49 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\temp
[2014.03.01 08:53:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014.02.28 18:48:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.02.28 18:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014.02.28 17:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\monarimo
[2014.02.23 16:20:18 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\GottModus.{ED7BA470-8E54-465E-825C-99712043E01C}
[2014.02.23 15:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2014.02.23 15:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
[2014.02.23 15:04:41 | 001,728,064 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2014.02.23 15:04:41 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2014.02.23 15:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
[2014.02.23 15:04:07 | 001,115,136 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2014.02.23 15:04:07 | 001,115,136 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2014.02.23 15:04:07 | 000,127,488 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2014.02.23 15:04:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RaLanguages
[2014.02.23 15:04:05 | 002,403,392 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2014.02.23 15:04:05 | 001,608,768 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2014.02.23 15:04:05 | 000,127,488 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2014.02.23 15:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ralink
[2014.02.23 15:03:32 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2014.02.17 13:41:00 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014.02.17 13:41:00 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014.02.17 13:41:00 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014.02.17 13:41:00 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014.02.17 13:40:59 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014.02.17 13:40:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014.02.17 13:40:59 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014.02.17 13:40:59 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014.02.17 13:40:43 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014.02.17 13:40:27 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014.02.17 13:40:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014.02.17 13:40:26 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014.02.17 13:40:25 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014.02.17 13:40:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014.02.17 13:40:25 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014.02.17 13:40:24 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014.02.17 13:40:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014.02.17 13:40:23 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014.02.17 13:40:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014.02.17 13:40:22 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014.02.17 13:40:22 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014.02.17 13:40:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014.02.17 13:40:20 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014.02.17 13:40:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014.02.17 13:40:20 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014.02.17 13:40:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014.02.17 13:40:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014.02.17 13:40:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014.02.17 13:40:17 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014.02.17 13:40:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014.02.17 13:40:10 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014.02.17 13:40:10 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014.02.17 13:40:10 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014.02.17 13:40:10 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014.02.17 13:40:04 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014.02.17 13:40:04 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014.02.17 13:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2014.02.14 03:01:40 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.14 03:00:54 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.14 03:00:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.14 03:00:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.14 03:00:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.14 03:00:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.14 03:00:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.14 03:00:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.14 03:00:51 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.14 03:00:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.14 03:00:50 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.14 03:00:50 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.14 03:00:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.14 03:00:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.14 03:00:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.14 03:00:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.14 03:00:49 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.14 03:00:49 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.14 03:00:49 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.14 03:00:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.14 03:00:48 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.14 03:00:46 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.14 03:00:46 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.14 03:00:43 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.13 07:29:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.13 07:29:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.13 07:29:17 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.13 07:29:16 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.13 07:29:16 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.13 07:29:16 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.13 07:29:16 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.13 07:29:16 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.13 07:29:16 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.13 07:29:16 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.13 07:29:16 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.13 07:29:16 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.13 07:29:16 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.13 07:29:16 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.13 07:29:16 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.13 07:29:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.13 07:29:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.13 07:29:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.13 07:29:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.13 07:29:12 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.13 07:29:12 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.08 06:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.02.08 06:02:02 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.02.08 06:01:39 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.02.08 06:01:39 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.02.08 06:01:39 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.02.08 06:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.02.08 06:01:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.02.08 05:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.29 23:19:04 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\mfc71.dll
[2013.10.29 23:19:04 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\MFC71u.dll
[2013.10.29 23:19:04 | 001,007,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\Michael\AppData\Roaming\LiveUpdate.exe
[2013.10.29 23:19:04 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\mfc40u.dll
[2013.10.29 23:19:04 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\msvcp71.dll
[2013.10.29 23:19:04 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\msvcp60.dll
[2013.10.29 23:19:04 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\msvcr71.dll
[2013.10.29 23:19:04 | 000,151,552 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\Michael\AppData\Roaming\XMessageBox.dll

========== Files - Modified Within 30 Days ==========

[2014.03.01 09:23:48 | 000,027,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.01 09:23:48 | 000,027,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.01 09:16:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.01 09:13:23 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2014.03.01 09:13:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.01 09:13:02 | 4291,416,062 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.01 09:02:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.02.28 19:59:33 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2014.02.28 18:58:17 | 000,001,638 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014.02.28 18:50:28 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.02.28 18:00:17 | 000,001,933 | ---- | M] () -- C:\Users\Michael\Desktop\Sync Folder.lnk
[2014.02.28 17:50:11 | 000,179,449 | ---- | M] () -- C:\Windows\unins000.dat
[2014.02.28 17:50:11 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Video Downloader.lnk
[2014.02.28 17:48:49 | 001,227,465 | ---- | M] () -- C:\Windows\unins000.exe
[2014.02.23 15:09:29 | 000,000,996 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2014.02.22 09:16:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.22 09:16:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.17 13:39:03 | 000,000,683 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014.02.08 18:44:22 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014.02.08 06:01:28 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.02.08 06:01:27 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.02.08 06:01:27 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.02.08 06:01:27 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.02.06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.03 22:51:29 | 013,897,728 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Sandra.mdb
[2014.02.03 22:19:28 | 000,000,064 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Sandra.ldb
[2014.02.02 18:37:48 | 003,737,780 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.02.02 18:37:48 | 001,542,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.02 18:37:48 | 001,092,904 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.02.02 18:37:48 | 000,969,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.02 18:37:48 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.02 14:15:14 | 000,000,282 | ---- | M] () -- C:\Windows\Lexstat.ini

========== Files Created - No Company Name ==========

[2014.02.28 18:00:16 | 000,001,933 | ---- | C] () -- C:\Users\Michael\Desktop\Sync Folder.lnk
[2014.02.28 17:50:11 | 001,227,465 | ---- | C] () -- C:\Windows\unins000.exe
[2014.02.28 17:50:11 | 000,179,449 | ---- | C] () -- C:\Windows\unins000.dat
[2014.02.28 17:50:10 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Video Downloader.lnk
[2014.02.23 15:05:08 | 000,000,996 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2014.02.23 15:04:43 | 000,014,119 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2014.02.23 15:04:41 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2014.02.23 15:04:07 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2014.02.23 15:04:07 | 000,000,451 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.ini
[2014.02.23 15:04:05 | 000,792,416 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.dll
[2014.02.23 15:04:04 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2014.02.17 13:39:03 | 000,000,683 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014.01.17 06:38:04 | 000,000,064 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\Sandra.ldb
[2013.12.26 14:07:51 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.12.22 18:31:42 | 000,000,282 | ---- | C] () -- C:\Windows\Lexstat.ini
[2013.12.21 09:54:38 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcserv.dll
[2013.12.21 09:54:38 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcusb1.dll
[2013.12.21 09:54:38 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbchbn3.dll
[2013.12.21 09:54:38 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomc.dll
[2013.12.21 09:54:38 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpmui.dll
[2013.12.21 09:54:38 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbclmpm.dll
[2013.12.21 09:54:38 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccoms.exe
[2013.12.21 09:54:38 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomm.dll
[2013.12.21 09:54:38 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbcutil.dll
[2013.12.21 09:54:38 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcinpa.dll
[2013.12.21 09:54:38 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbciesc.dll
[2013.12.21 09:54:38 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcih.exe
[2013.12.21 09:54:38 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBCinst.dll
[2013.12.21 09:54:38 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcppls.exe
[2013.12.21 09:54:38 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcprox.dll
[2013.12.21 09:54:38 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpplc.dll
[2013.12.21 09:54:37 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccfg.exe
[2013.10.29 23:19:04 | 000,000,713 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\LiveUpdate.ini
[2013.10.08 14:39:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.10.08 14:39:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.10.08 09:45:08 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013.09.08 08:43:46 | 013,897,728 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\Sandra.mdb
[2013.08.16 21:51:32 | 000,003,749 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013.07.25 20:32:48 | 000,000,680 | RHS- | C] () -- C:\Users\Michael\ntuser.pol
[2013.07.21 15:42:24 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2013.07.21 15:42:24 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2013.07.18 15:44:04 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.07.14 17:56:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.03.12 14:04:35 | 000,000,020 | ---- | C] () -- C:\Users\Michael\defogger_reenable
[2013.03.10 00:15:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.10 00:15:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.10 00:15:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.10 00:15:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.10 00:15:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.04 16:07:07 | 000,001,638 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.03.03 18:23:52 | 000,000,393 | ---- | C] () -- C:\Users\Michael\AppData\Local\HamsterVideoConverterSettings.cfg
[2013.01.13 22:37:06 | 003,039,152 | ---- | C] () -- C:\Windows\PE_File.dll
[2013.01.13 22:23:22 | 002,968,624 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2013.01.13 16:47:18 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.12.22 00:30:34 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2012.12.22 00:28:00 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.12.22 00:27:58 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.12.22 00:27:58 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.12.20 23:11:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.20 22:17:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.12.20 22:16:58 | 000,030,057 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
--- --- ---
 

Themen zu onlinegame geht nicht mehr richtig
.com, application/pdf:, awesomehp, awesomehp entfernen, bonjour, cyberghost, error, keylogger.logixoft, nodrives, pup.optional.awesomehp.a, pup.optional.babylon.a, pup.optional.bandoo, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.iepluginservice.a, pup.optional.monarimo.a, pup.optional.opencandy, pup.optional.optimizerpro, pup.optional.softonic, pup.optional.spigot.a, pup.optional.suptab.a, pup.optional.sweetim, pup.optional.sweetpacks, pup.optional.wpmanager, quick_start, riskware.tool.ck, trojan.agent.fkn, trojan.msil


« Windows 7 / Sperrbildschirm / Abgesicherter Modus funktioniert nicht | Vermutung: AppRound.us Virus nach Installation einer Freeware - VBates Funde »


Ähnliche Themen: onlinegame geht nicht mehr richtig


  1. USB Maus geht nicht mehr - neue Maus geht nach 2 Tagen auch nicht mehr!
    Netzwerk und Hardware - 26.10.2015 (4)
  2. systweak nichts geht mehr richtig
    Plagegeister aller Art und deren Bekämpfung - 11.04.2014 (3)
  3. Nach Download, Firefox geht nicht mehr, Explorer läuft nicht richtig
    Log-Analyse und Auswertung - 27.03.2014 (11)
  4. PC läuft nicht mehr richtig, Programme werden nicht gestartet &&
    Plagegeister aller Art und deren Bekämpfung - 03.03.2014 (12)
  5. Internet geht von Zeit zu Zeit nicht mehr richtig
    Plagegeister aller Art und deren Bekämpfung - 13.02.2014 (17)
  6. Pc startet nicht mehr richtig
    Netzwerk und Hardware - 16.05.2013 (1)
  7. Xp bootet nicht mehr richtig
    Alles rund um Windows - 17.07.2012 (3)
  8. Win7 herunterfahren Button reagiert nicht, strg+alt+entf geht nicht mehr & cmd.exe geht nicht auf
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (25)
  9. Explorer/XP-Desktop startet nicht richtig, IE poppt zu falschen Seiten, Win-Update geht nicht
    Log-Analyse und Auswertung - 23.10.2010 (8)
  10. DVD-Laufwerk funktioniert nicht mehr richtig
    Netzwerk und Hardware - 19.05.2010 (3)
  11. Antivirus Programme starten nicht mehr//Systemreset geht nicht mehr
    Log-Analyse und Auswertung - 03.01.2010 (1)
  12. Vista funktioniert nicht mehr richtig!
    Alles rund um Windows - 19.08.2009 (3)
  13. Internet geht nicht mehr richtig
    Plagegeister aller Art und deren Bekämpfung - 08.09.2008 (8)
  14. Mein Internet will ab 22 Uhr nicht mehr so richtig
    Plagegeister aller Art und deren Bekämpfung - 11.06.2008 (4)
  15. Internet geht auf einem PC nicht mehr, Laptop (am gleichen Router angeschlossen) geht
    Plagegeister aller Art und deren Bekämpfung - 04.12.2007 (0)
  16. Maus geht nicht mehr java geht nicht mehr...
    Log-Analyse und Auswertung - 05.09.2007 (3)
  17. Netzwerk geht nicht richtig
    Netzwerk und Hardware - 18.01.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema onlinegame geht nicht mehr richtig - es gibt massive brobleme mit onlinegames wen ich was rauschicke wird es nicht weitergeleitet hab den verdacht das da was nicht stimt ps es sind alle drei rechner betroffen!!!! meine - onlinegame geht nicht mehr richtig...
Archiv
Du betrachtest: onlinegame geht nicht mehr richtig auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131