Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   onlinegame geht nicht mehr richtig (https://www.trojaner-board.de/150450-onlinegame-geht-mehr-richtig.html)

Mischka 28.02.2014 21:32
onlinegame geht nicht mehr richtig
 
es gibt massive brobleme mit onlinegames wen ich was rauschicke wird es nicht weitergeleitet
hab den verdacht das da was nicht stimt
ps es sind alle drei rechner betroffen!!!!

meine freundin hat aus panik combofix lauefen gelassen (grrrrrrrrrrrrrrrrr)
Hier der log vom combofix:
code:ComboFix 14-02-24.02 - Michael 01.03.2014 8:54:56.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16379.11231 [GMT 1:00]
ausgeführt von:: C:\Users\milari\Desktop\ComboFix.exe
AV: Norton Internet Security CBE *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security CBE *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security CBE *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt


(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))


C:\LIL1496.tmp
C:\LIL1497.tmp
C:\LIL14A5.tmp
C:\LIL14A6.tmp
C:\LIL14A7.tmp
C:\Users\Michael\AppData\Roaming\352

Infizierte Kopie von C:\Windows\SysWow64\userinit.exe wurde gefunden und desinfiziert
Kopie von - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt


((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_DCService.exe


((((((((((((((((((((((( Dateien erstellt von 2014-02-01 bis 2014-03-01 ))))))))))))))))))))))))))))))


2014-03-01 08:02:49 . 2014-03-01 08:45:20 -------- d-----w- C:\Users\Michael\AppData\Local\temp
2014-03-01 08:02:49 . 2014-03-01 08:02:49 -------- d-----w- C:\Users\hedev\AppData\Local\temp
2014-03-01 08:02:49 . 2014-03-01 08:02:49 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-02-28 17:48:24 . 2014-02-28 17:50:32 -------- d-----w- C:\AdwCleaner
2014-02-28 16:50:11 . 2014-02-28 16:48:49 1227465 ----a-w- C:\Windows\unins000.exe
2014-02-28 16:50:00 . 2014-02-28 17:13:11 -------- d-----w- C:\Program Files (x86)\monarimo
2014-02-23 14:07:08 . 2014-02-23 14:07:08 -------- d-----w- C:\ProgramData\Ralink
2014-02-23 14:03:32 . 2014-02-23 14:03:32 -------- d-----w- C:\Users\Michael\AppData\Roaming\InstallShield
2014-02-17 12:41:00 . 2010-02-04 09:01:14 78680 ----a-w- C:\Windows\system32\XAPOFX1_4.dll
2014-02-17 12:41:00 . 2010-02-04 09:01:14 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2014-02-17 12:41:00 . 2010-02-04 09:01:14 530776 ----a-w- C:\Windows\system32\XAudio2_6.dll
2014-02-17 12:41:00 . 2010-02-04 09:01:14 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2014-02-15 06:46:26 . 2013-12-16 00:54:16 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD0894C7-1F65-4EC0-BE8E-EEB4E726D92D}\mpengine.dll
2014-02-14 02:01:40 . 2013-12-21 09:53:45 548864 ----a-w- C:\Windows\system32\vbscript.dll
2014-02-14 02:01:40 . 2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-13 06:29:27 . 2013-12-06 02:30:08 2048 ----a-w- C:\Windows\system32\msxml3r.dll
2014-02-08 05:03:11 . 2014-02-08 05:03:11 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2014-02-08 05:01:39 . 2014-02-08 05:01:28 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-08 05:01:25 . 2014-02-08 05:01:25 -------- d-----w- C:\Program Files (x86)\Java
2014-02-08 04:55:43 . 2014-02-08 04:55:44 -------- d-----w- C:\ProgramData\Oracle
.


(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-03-01 08:45:11 . 2013-03-07 07:58:05 16152 ----a-w- C:\Windows\system32\drivers\SWDUMon.sys
2014-02-22 08:16:33 . 2012-12-21 16:19:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-22 08:16:33 . 2012-12-21 16:19:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-18 02:00:40 . 2012-12-21 00:07:51 88567024 ----a-w- C:\Windows\system32\MRT.exe
2014-01-02 10:29:49 . 2013-11-17 08:01:14 893552 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-01-02 10:22:14 . 2013-11-19 12:28:57 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-01-01 04:52:22 . 2013-11-19 12:31:03 893552 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-01-01 04:45:33 . 2013-11-17 07:54:13 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-26 10:54:41 . 2013-11-17 07:53:58 1236816 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-12-18 05:13:56 . 2013-01-29 11:50:19 270496 ------w- C:\Windows\system32\MpSigStub.exe
2013-12-12 10:27:58 . 2013-11-19 12:28:50 1236816 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-12-02 17:46:13 . 2013-01-13 21:23:22 2968624 ----a-w- C:\Windows\PE_Rom.dll
2013-12-02 17:43:34 . 2013-01-13 21:37:06 3039152 ----a-w- C:\Windows\PE_File.dll
2013-12-02 11:09:38 . 2013-12-02 11:09:38 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2013-12-02 11:09:38 . 2013-12-02 11:09:37 940032 ----a-w- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 942592 ----a-w- C:\Windows\system32\jsIntl.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 86016 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 86016 ----a-w- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 74240 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 645120 ----a-w- C:\Windows\SysWow64\jsIntl.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 62464 ----a-w- C:\Windows\SysWow64\tdc.ocx
2013-12-02 11:09:29 . 2013-12-02 11:09:29 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 36352 ----a-w- C:\Windows\SysWow64\imgutil.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 34816 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 337408 ----a-w- C:\Windows\SysWow64\html.iec
2013-12-02 11:09:29 . 2013-12-02 11:09:29 247808 ----a-w- C:\Windows\system32\msls31.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 24576 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 235008 ----a-w- C:\Windows\system32\elshyph.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 182272 ----a-w- C:\Windows\SysWow64\msls31.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 151552 ----a-w- C:\Windows\SysWow64\iexpress.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 139264 ----a-w- C:\Windows\SysWow64\wextract.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 13312 ----a-w- C:\Windows\SysWow64\mshta.exe
2013-12-02 11:09:29 . 2013-12-02 11:09:29 111616 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll
2013-12-02 11:09:29 . 2013-12-02 11:09:29 1051136 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 90112 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 84992 ----a-w- C:\Windows\system32\mshtmled.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 83968 ----a-w- C:\Windows\system32\MshtmlDac.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 81408 ----a-w- C:\Windows\system32\icardie.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 774144 ----a-w- C:\Windows\system32\jscript.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 77312 ----a-w- C:\Windows\system32\tdc.ocx
2013-12-02 11:09:28 . 2013-12-02 11:09:28 62464 ----a-w- C:\Windows\system32\pngfilt.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 616104 ----a-w- C:\Windows\system32\ieapfltr.dat
2013-12-02 11:09:28 . 2013-12-02 11:09:28 52224 ----a-w- C:\Windows\system32\msfeedsbs.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 48640 ----a-w- C:\Windows\system32\mshtmler.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 48128 ----a-w- C:\Windows\system32\imgutil.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 453120 ----a-w- C:\Windows\system32\dxtmsft.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 413696 ----a-w- C:\Windows\system32\html.iec
2013-12-02 11:09:28 . 2013-12-02 11:09:28 40448 ----a-w- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 30208 ----a-w- C:\Windows\system32\licmgr10.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 296960 ----a-w- C:\Windows\system32\dxtrans.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 263376 ----a-w- C:\Windows\system32\iedkcs32.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 243200 ----a-w- C:\Windows\system32\webcheck.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 235520 ----a-w- C:\Windows\system32\url.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 167424 ----a-w- C:\Windows\system32\iexpress.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 147968 ----a-w- C:\Windows\system32\occache.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 143872 ----a-w- C:\Windows\system32\wextract.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 13824 ----a-w- C:\Windows\system32\mshta.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 135680 ----a-w- C:\Windows\system32\iepeers.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 13312 ----a-w- C:\Windows\system32\msfeedssync.exe
2013-12-02 11:09:28 . 2013-12-02 11:09:28 131072 ----a-w- C:\Windows\system32\IEAdvpack.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 1228800 ----a-w- C:\Windows\system32\mshtmlmedia.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 105984 ----a-w- C:\Windows\system32\iesysprep.dll
2013-12-02 11:09:28 . 2013-12-02 11:09:28 101376 ----a-w- C:\Windows\system32\inseng.dll


hab selber otl ausgeführt hier die beiden logs

OTL
code:OTL Logfile:
Code:
OTL logfile created on: 01.03.2014 09:25:53 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\milari\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

16,00 Gb Total Physical Memory | 12,36 Gb Available Physical Memory | 77,29% Memory free
31,99 Gb Paging File | 28,39 Gb Available in Paging File | 88,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 145,49 Gb Total Space | 13,79 Gb Free Space | 9,48% Space Free | Partition Type: NTFS
Drive D: | 3,54 Gb Total Space | 3,46 Gb Free Space | 97,63% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 21,34 Gb Free Space | 14,32% Space Free | Partition Type: NTFS
Drive F: | 29,30 Gb Total Space | 2,61 Gb Free Space | 8,92% Space Free | Partition Type: NTFS
Drive G: | 268,79 Gb Total Space | 79,65 Gb Free Space | 29,63% Space Free | Partition Type: NTFS
Drive H: | 21,05 Gb Total Space | 6,79 Gb Free Space | 32,24% Space Free | Partition Type: NTFS
Drive I: | 29,29 Gb Total Space | 12,90 Gb Free Space | 44,02% Space Free | Partition Type: NTFS
Drive J: | 52,00 Gb Total Space | 5,04 Gb Free Space | 9,70% Space Free | Partition Type: NTFS
Drive K: | 35,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 46,70 Gb Total Space | 13,36 Gb Free Space | 28,60% Space Free | Partition Type: NTFS
Drive T: | 3,65 Gb Total Space | 1,59 Gb Free Space | 43,48% Space Free | Partition Type: FAT32

Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.03.01 09:24:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milari\Desktop\OTL.exe
PRC - [2014.02.22 09:16:33 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
PRC - [2014.02.15 09:07:37 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.11.14 19:38:23 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
PRC - [2013.10.08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\nis.exe
PRC - [2013.08.20 16:07:58 | 003,455,264 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe
PRC - [2013.08.20 16:07:16 | 000,427,520 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2012.09.28 15:23:00 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2012.08.13 22:15:34 | 001,568,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe
PRC - [2012.06.01 17:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012.06.01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012.04.24 16:05:14 | 012,660,072 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaUI.exe
PRC - [2012.03.13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012.02.17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012.01.12 23:00:04 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
PRC - [2011.12.01 17:11:48 | 000,743,936 | ---- | M] () -- C:\Program Files (x86)\CPUCooL\CooLSRV.exe
PRC - [2011.05.11 19:47:06 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe
PRC - [2011.05.11 19:47:02 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\sp6\LU\LULnchr.exe
PRC - [2011.05.05 16:09:56 | 006,696,960 | ---- | M] () -- C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtWLan.exe
PRC - [2011.01.19 09:27:22 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe
PRC - [2009.12.31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\milari\AppData\Roaming\Telekom Internet Manager\ouc.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.22 09:16:33 | 016,265,096 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014.02.15 09:07:37 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.04.24 16:41:14 | 001,087,336 | ---- | M] () -- C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.10.08 13:52:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.10.08 09:34:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.03.16 01:24:18 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbccoms.exe -- (lxbc_device)
SRV - [2014.02.22 09:16:37 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.15 09:07:37 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.01.17 20:01:08 | 000,187,592 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.08.20 16:07:16 | 000,427,520 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013.07.22 10:29:31 | 000,026,088 | ---- | M] (CyberGhost S.R.L) [Auto | Stopped] -- C:\Programme\CyberGhost VPN\Service.exe -- (CGVPNCliService)
SRV - [2013.02.10 14:55:30 | 000,012,288 | ---- | M] (Chris Pietschmann (hxxp://pietschsoft.com)) [Auto | Running] -- C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2012.10.01 08:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.08.13 22:15:34 | 001,568,640 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012.06.01 17:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012.06.01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012.02.17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012.01.12 23:01:12 | 000,447,488 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2012.01.12 23:00:04 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011.12.09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011.12.01 17:11:48 | 000,743,936 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CPUCooL\CooLSRV.exe -- (CPUCooLServer)
SRV - [2011.08.18 17:53:38 | 000,625,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2011.01.19 09:27:22 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe -- (AsusSE)
SRV - [2010.05.20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.29 22:23:28 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP5\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.03.16 01:24:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbccoms.exe -- (lxbc_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.02.28 19:59:33 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013.11.20 15:08:40 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.11.14 19:47:30 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.10.08 14:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.10.08 13:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.09.27 04:18:30 | 001,147,480 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.09.27 03:26:03 | 000,858,200 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.09.26 04:28:00 | 000,590,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.09.26 03:50:25 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.09.02 19:39:27 | 000,034,840 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy3.sys -- (cnnctfy3)
DRV:64bit: - [2013.08.01 12:39:46 | 000,633,680 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2013.08.01 12:39:46 | 000,390,352 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2013.08.01 12:39:46 | 000,090,960 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2013.08.01 04:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symds64.sys -- (SymDS)
DRV:64bit: - [2013.07.31 05:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.07.31 04:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.07.05 09:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.02.12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.02.08 15:45:38 | 000,036,736 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013.02.07 22:11:25 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.12.20 16:23:42 | 000,014,952 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2012.09.18 10:32:44 | 000,042,808 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2012.09.18 10:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2012.09.18 10:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.05.31 11:06:14 | 000,032,400 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012.04.17 10:31:12 | 001,728,064 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2011.09.29 10:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 11:55:48 | 001,143,400 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011.03.14 19:28:21 | 000,195,584 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2011.03.14 19:28:21 | 000,137,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.11 20:12:02 | 000,019,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ntiopnp.sys -- (ntiopnp)
DRV:64bit: - [2010.05.20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009.12.15 10:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
DRV:64bit: - [2009.12.15 10:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
DRV:64bit: - [2009.12.07 19:53:26 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.10.12 15:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.17 08:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus)
DRV:64bit: - [2007.07.24 03:53:04 | 000,125,992 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PnP680r.sys -- (Pnp680r)
DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.11.10 14:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2000.01.01 01:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000.01.01 01:00:00 | 000,011,904 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV - [2014.02.27 18:47:06 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140227.009\ex64.sys -- (NAVEX15)
DRV - [2014.02.27 18:47:06 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140227.009\eng64.sys -- (NAVENG)
DRV - [2014.01.22 00:37:39 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140227.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014.01.17 20:01:06 | 000,202,600 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2013.12.18 01:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140214.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.11.23 21:58:56 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.11.23 21:58:56 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.08.01 12:39:48 | 000,019,792 | ---- | M] (Paragon Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Paragon Software\Festplatten Manager 2013 Kompakt\program\biontdrv.sys -- (BioNTDrv)
DRV - [2012.11.20 13:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.08.22 19:25:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 01 A6 47 0D 1F 15 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.01.21 14:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.03.07 16:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ [2014.03.01 09:16:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013.11.15 18:03:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quick_start@gmail.com: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com [2014.02.28 17:55:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.12.20 22:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions
[2014.02.28 17:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\jqqnzp32.default\extensions
[2014.02.28 17:55:52 | 000,000,000 | ---D | M] ("Quick Start") -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com
[2014.02.26 06:23:14 | 000,008,260 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\jqqnzp32.default\extensions\{172bcbe1-7d37-447b-8382-ef306da590c5}.xpi
[2014.02.27 21:31:56 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\jqqnzp32.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.11.16 09:40:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.02.15 09:07:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014.03.01 09:02:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [combofix] C:\ComboFix\CF26397.3XE (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [D3DOverrider] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DT Empfehlungstool] "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1 File not found
O4 - HKCU..\Run: [DT Emphelungstool] "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1 File not found
O4 - HKCU..\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKCU..\Run: [uTorrent] C:\Users\Michael\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4:64bit: - HKLM..\RunOnce: [combofix] C:\ComboFix\CF26397.3XE (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E7AE781-3A1B-4352-9509-67E8E9E098F8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - J:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.03.01 09:06:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.03.01 09:02:49 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.03.01 09:02:49 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\temp
[2014.03.01 08:53:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014.02.28 18:48:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.02.28 18:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014.02.28 17:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\monarimo
[2014.02.23 16:20:18 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\GottModus.{ED7BA470-8E54-465E-825C-99712043E01C}
[2014.02.23 15:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2014.02.23 15:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
[2014.02.23 15:04:41 | 001,728,064 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2014.02.23 15:04:41 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2014.02.23 15:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
[2014.02.23 15:04:07 | 001,115,136 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2014.02.23 15:04:07 | 001,115,136 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2014.02.23 15:04:07 | 000,127,488 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2014.02.23 15:04:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RaLanguages
[2014.02.23 15:04:05 | 002,403,392 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2014.02.23 15:04:05 | 001,608,768 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2014.02.23 15:04:05 | 000,127,488 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2014.02.23 15:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ralink
[2014.02.23 15:03:32 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2014.02.17 13:41:00 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014.02.17 13:41:00 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014.02.17 13:41:00 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014.02.17 13:41:00 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014.02.17 13:40:59 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014.02.17 13:40:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014.02.17 13:40:59 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014.02.17 13:40:59 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014.02.17 13:40:43 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014.02.17 13:40:27 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014.02.17 13:40:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014.02.17 13:40:26 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014.02.17 13:40:25 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014.02.17 13:40:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014.02.17 13:40:25 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014.02.17 13:40:24 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014.02.17 13:40:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014.02.17 13:40:23 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014.02.17 13:40:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014.02.17 13:40:22 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014.02.17 13:40:22 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014.02.17 13:40:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014.02.17 13:40:20 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014.02.17 13:40:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014.02.17 13:40:20 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014.02.17 13:40:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014.02.17 13:40:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014.02.17 13:40:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014.02.17 13:40:17 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014.02.17 13:40:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014.02.17 13:40:10 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014.02.17 13:40:10 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014.02.17 13:40:10 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014.02.17 13:40:10 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014.02.17 13:40:04 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014.02.17 13:40:04 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014.02.17 13:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2014.02.14 03:01:40 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.14 03:00:54 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.14 03:00:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.14 03:00:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.14 03:00:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.14 03:00:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.14 03:00:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.14 03:00:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.14 03:00:51 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.14 03:00:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.14 03:00:50 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.14 03:00:50 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.14 03:00:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.14 03:00:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.14 03:00:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.14 03:00:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.14 03:00:49 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.14 03:00:49 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.14 03:00:49 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.14 03:00:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.14 03:00:48 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.14 03:00:46 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.14 03:00:46 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.14 03:00:43 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.13 07:29:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.13 07:29:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.13 07:29:17 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.13 07:29:16 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.13 07:29:16 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.13 07:29:16 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.13 07:29:16 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.13 07:29:16 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.13 07:29:16 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.13 07:29:16 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.13 07:29:16 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.13 07:29:16 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.13 07:29:16 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.13 07:29:16 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.13 07:29:16 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.13 07:29:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.13 07:29:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.13 07:29:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.13 07:29:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.13 07:29:12 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.13 07:29:12 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.08 06:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.02.08 06:02:02 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.02.08 06:01:39 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.02.08 06:01:39 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.02.08 06:01:39 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.02.08 06:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.02.08 06:01:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.02.08 05:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.29 23:19:04 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\mfc71.dll
[2013.10.29 23:19:04 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\MFC71u.dll
[2013.10.29 23:19:04 | 001,007,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\Michael\AppData\Roaming\LiveUpdate.exe
[2013.10.29 23:19:04 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\mfc40u.dll
[2013.10.29 23:19:04 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\msvcp71.dll
[2013.10.29 23:19:04 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\msvcp60.dll
[2013.10.29 23:19:04 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\Michael\AppData\Roaming\msvcr71.dll
[2013.10.29 23:19:04 | 000,151,552 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\Michael\AppData\Roaming\XMessageBox.dll

========== Files - Modified Within 30 Days ==========

[2014.03.01 09:23:48 | 000,027,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.01 09:23:48 | 000,027,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.01 09:16:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.01 09:13:23 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2014.03.01 09:13:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.01 09:13:02 | 4291,416,062 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.01 09:02:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.02.28 19:59:33 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2014.02.28 18:58:17 | 000,001,638 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014.02.28 18:50:28 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.02.28 18:00:17 | 000,001,933 | ---- | M] () -- C:\Users\Michael\Desktop\Sync Folder.lnk
[2014.02.28 17:50:11 | 000,179,449 | ---- | M] () -- C:\Windows\unins000.dat
[2014.02.28 17:50:11 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Video Downloader.lnk
[2014.02.28 17:48:49 | 001,227,465 | ---- | M] () -- C:\Windows\unins000.exe
[2014.02.23 15:09:29 | 000,000,996 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2014.02.22 09:16:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.22 09:16:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.17 13:39:03 | 000,000,683 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014.02.08 18:44:22 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014.02.08 06:01:28 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.02.08 06:01:27 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.02.08 06:01:27 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.02.08 06:01:27 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.02.06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.03 22:51:29 | 013,897,728 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Sandra.mdb
[2014.02.03 22:19:28 | 000,000,064 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Sandra.ldb
[2014.02.02 18:37:48 | 003,737,780 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.02.02 18:37:48 | 001,542,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.02 18:37:48 | 001,092,904 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.02.02 18:37:48 | 000,969,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.02 18:37:48 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.02 14:15:14 | 000,000,282 | ---- | M] () -- C:\Windows\Lexstat.ini

========== Files Created - No Company Name ==========

[2014.02.28 18:00:16 | 000,001,933 | ---- | C] () -- C:\Users\Michael\Desktop\Sync Folder.lnk
[2014.02.28 17:50:11 | 001,227,465 | ---- | C] () -- C:\Windows\unins000.exe
[2014.02.28 17:50:11 | 000,179,449 | ---- | C] () -- C:\Windows\unins000.dat
[2014.02.28 17:50:10 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Video Downloader.lnk
[2014.02.23 15:05:08 | 000,000,996 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2014.02.23 15:04:43 | 000,014,119 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2014.02.23 15:04:41 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2014.02.23 15:04:07 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2014.02.23 15:04:07 | 000,000,451 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.ini
[2014.02.23 15:04:05 | 000,792,416 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.dll
[2014.02.23 15:04:04 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2014.02.17 13:39:03 | 000,000,683 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014.01.17 06:38:04 | 000,000,064 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\Sandra.ldb
[2013.12.26 14:07:51 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.12.22 18:31:42 | 000,000,282 | ---- | C] () -- C:\Windows\Lexstat.ini
[2013.12.21 09:54:38 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcserv.dll
[2013.12.21 09:54:38 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcusb1.dll
[2013.12.21 09:54:38 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbchbn3.dll
[2013.12.21 09:54:38 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomc.dll
[2013.12.21 09:54:38 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpmui.dll
[2013.12.21 09:54:38 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbclmpm.dll
[2013.12.21 09:54:38 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccoms.exe
[2013.12.21 09:54:38 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomm.dll
[2013.12.21 09:54:38 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbcutil.dll
[2013.12.21 09:54:38 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcinpa.dll
[2013.12.21 09:54:38 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbciesc.dll
[2013.12.21 09:54:38 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcih.exe
[2013.12.21 09:54:38 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBCinst.dll
[2013.12.21 09:54:38 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcppls.exe
[2013.12.21 09:54:38 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcprox.dll
[2013.12.21 09:54:38 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpplc.dll
[2013.12.21 09:54:37 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccfg.exe
[2013.10.29 23:19:04 | 000,000,713 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\LiveUpdate.ini
[2013.10.08 14:39:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.10.08 14:39:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.10.08 09:45:08 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013.09.08 08:43:46 | 013,897,728 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\Sandra.mdb
[2013.08.16 21:51:32 | 000,003,749 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013.07.25 20:32:48 | 000,000,680 | RHS- | C] () -- C:\Users\Michael\ntuser.pol
[2013.07.21 15:42:24 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2013.07.21 15:42:24 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2013.07.18 15:44:04 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.07.14 17:56:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.03.12 14:04:35 | 000,000,020 | ---- | C] () -- C:\Users\Michael\defogger_reenable
[2013.03.10 00:15:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.10 00:15:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.10 00:15:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.10 00:15:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.10 00:15:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.04 16:07:07 | 000,001,638 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.03.03 18:23:52 | 000,000,393 | ---- | C] () -- C:\Users\Michael\AppData\Local\HamsterVideoConverterSettings.cfg
[2013.01.13 22:37:06 | 003,039,152 | ---- | C] () -- C:\Windows\PE_File.dll
[2013.01.13 22:23:22 | 002,968,624 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2013.01.13 16:47:18 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.12.22 00:30:34 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2012.12.22 00:28:00 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.12.22 00:27:58 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.12.22 00:27:58 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.12.20 23:11:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.20 22:17:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.12.20 22:16:58 | 000,030,057 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
--- --- ---

schrauber 01.03.2014 09:27
hi,

Zitat:
ps es sind alle drei rechner betroffen!!!!
Aha.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307




Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Mischka 03.03.2014 20:53
hier die frst logfils

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014 01
Ran by Michael (administrator) on MICHAEL-PC on 04-03-2014 20:50:43
Running from C:\Users\Michael\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe
(Realtek) C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyD.exe
( ) C:\Windows\system32\lxbccoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(BitTorrent Inc.) C:\Users\Michael\AppData\Roaming\uTorrent\uTorrent.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Huawei Technologies Co., Ltd.) C:\Users\Michael\AppData\Roaming\Telekom Internet Manager\ouc.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Hybrid DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverrider.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Huawei Technologies Co., Ltd.) C:\Users\milari\AppData\Roaming\Telekom Internet Manager\ouc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverrider.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Hybrid DIGI+ VRM\PowerControlHelp.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU\LogitechUpdate.exe
() C:\Program Files (x86)\Telekom\InternetManager_H\Telekom Internet Manager.exe
() C:\Program Files (x86)\Telekom\InternetManager_H\bmsdk.exe
(Bytemobile, Inc.) C:\Program Files (x86)\Telekom\InternetManager_H\bmctl.exe
(Lexmark International Inc.) C:\Windows\system32\spool\drivers\x64\3\LXBCPSWX.EXE
(Lexmark International Inc.) C:\Windows\system32\spool\drivers\x64\3\LXBCJSWX.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtWlan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [D3DOverrider] - C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe [40960 2009-08-22] ()
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2013-11-14] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-09-28] (AMD)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [uTorrent] - C:\Users\Michael\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-16] (BitTorrent Inc.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] - C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [DT Emphelungstool] - "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [DT Empfehlungstool] - "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3171436589-2751985768-4002669470-1004\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-09-28] (AMD)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1004\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] - C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3171436589-2751985768-4002669470-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-3171436589-2751985768-4002669470-1006\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01A6470D1F15CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Quick Start - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\Extensions\quick_start@gmail.com [2014-02-28]
FF Extension: monarimo - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\Extensions\{172bcbe1-7d37-447b-8382-ef306da590c5}.xpi [2014-02-26]
FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-01-21]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com [2014-02-28]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe [1568640 2012-08-13] (ASUSTeK Computer Inc.)
R2 AsusSE; C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe [36864 2011-01-19] (Realtek)
S2 CGVPNCliService; C:\Program Files\CyberGhost VPN\Service.exe [26088 2013-07-22] (CyberGhost S.R.L)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [427520 2013-08-20] (Connectify)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 lxbc_device; C:\Windows\system32\lxbccoms.exe [566704 2007-03-16] ( )
R2 lxbc_device; C:\Windows\SysWOW64\lxbccoms.exe [537520 2007-03-16] ( )
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\RpcAgentSrv.exe [71832 2008-08-29] (SiSoftware)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com))

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2000-01-01] (Advanced Micro Devices Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
S3 BioNTDrv; C:\Program Files (x86)\Paragon Software\Festplatten Manager 2013 Kompakt\program\BioNTDrv.SYS [19792 2013-08-01] (Paragon Software GmbH)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [34840 2013-09-02] (Connectify)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-23] (Symantec Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-23] (Symantec Corporation)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140228.001\IDSvia64.sys [521944 2014-01-22] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140303.001\ENG64.SYS [126040 2014-02-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140303.001\EX64.SYS [2099288 2014-02-27] (Symantec Corporation)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R0 Pnp680r; C:\Windows\System32\DRIVERS\pnp680r.sys [125992 2007-07-24] (Silicon Image, Inc)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [12288 2009-08-22] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-02-07] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-03-01] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R1 tcpipBM; C:\Windows\System32\Drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-08-01] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-08-01] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-08-01] (Paragon)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [137728 2011-03-14] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [195584 2011-03-14] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-04 20:50 - 2014-03-04 20:51 - 00023665 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-03-04 20:50 - 2014-03-04 20:50 - 00000000 ____D () C:\FRST
2014-03-04 20:48 - 2014-03-04 20:48 - 02156544 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-03-02 13:13 - 2014-03-02 13:13 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Wargaming.net
2014-03-01 09:38 - 2014-03-01 09:38 - 00103404 _____ () C:\Users\Michael\Documents\Extras.Txt28.02.txt
2014-03-01 09:37 - 2014-03-01 09:37 - 00130106 _____ () C:\Users\Michael\Documents\OTL.Txt28.02.txt
2014-03-01 09:34 - 2014-03-01 09:34 - 00103404 _____ () C:\Users\milari\Desktop\Extras.Txt
2014-03-01 09:33 - 2014-03-01 09:33 - 00130106 _____ () C:\Users\milari\Desktop\OTL.Txt
2014-03-01 09:24 - 2014-03-01 09:24 - 00602112 _____ (OldTimer Tools) C:\Users\milari\Desktop\OTL.exe
2014-03-01 09:05 - 2014-03-01 09:05 - 00000708 _____ () C:\Windows\PFRO.log
2014-03-01 08:53 - 2014-03-01 09:46 - 00000000 ____D () C:\ComboFix
2014-03-01 08:50 - 2014-03-01 08:51 - 05185084 ____R (Swearware) C:\Users\milari\Desktop\ComboFix.exe
2014-03-01 06:53 - 2014-03-01 09:13 - 00000168 _____ () C:\Windows\setupact.log
2014-03-01 06:53 - 2014-03-01 06:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 18:48 - 2014-02-28 18:50 - 00000000 ____D () C:\AdwCleaner
2014-02-28 18:47 - 2014-02-28 18:47 - 01244192 _____ () C:\Users\milari\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 18:00 - 2014-02-28 18:00 - 00001933 _____ () C:\Users\Michael\Desktop\Sync Folder.lnk
2014-02-28 17:50 - 2014-02-28 18:13 - 00000000 ____D () C:\Program Files (x86)\monarimo
2014-02-28 17:50 - 2014-02-28 17:50 - 00179449 _____ () C:\Windows\unins000.dat
2014-02-28 17:50 - 2014-02-28 17:50 - 00001096 _____ () C:\Users\Public\Desktop\Video Downloader.lnk
2014-02-28 17:50 - 2014-02-28 17:48 - 01227465 _____ () C:\Windows\unins000.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup(1).exe
2014-02-27 16:15 - 2014-02-27 16:15 - 01071000 _____ (Solid State Networks) C:\Users\milari\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 16:20 - 2014-02-23 16:20 - 00000000 ____D () C:\Users\Michael\Desktop\GottModus.{ED7BA470-8E54-465E-825C-99712043E01C}
2014-02-23 15:07 - 2014-02-23 15:07 - 00001968 _____ () C:\Windows\system32\RaCoInst.log
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\ProgramData\Ralink
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Windows\system32\RaLanguages
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\ProgramData\Ralink Driver
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Program Files (x86)\Ralink
2014-02-23 15:04 - 2012-04-17 10:31 - 01728064 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28ux.sys
2014-02-23 15:04 - 2012-01-10 11:39 - 00127488 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2014-02-23 15:04 - 2012-01-10 11:39 - 00127488 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2014-02-23 15:04 - 2012-01-10 11:02 - 01115136 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2014-02-23 15:04 - 2012-01-10 11:02 - 01115136 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
2014-02-23 15:04 - 2011-12-26 11:01 - 00327008 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-02-23 15:04 - 2011-12-26 11:01 - 00014119 _____ () C:\Windows\SysWOW64\RaCoInst.dat
2014-02-23 15:04 - 2011-12-26 11:01 - 00014119 _____ () C:\Windows\system32\RaCoInst.dat
2014-02-23 15:04 - 2011-05-04 13:57 - 02403392 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2014-02-23 15:04 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2014-02-23 15:04 - 2010-06-29 10:35 - 00792416 _____ () C:\Windows\SysWOW64\DiagFunc.dll
2014-02-23 15:04 - 2010-06-29 10:35 - 00792416 _____ () C:\Windows\system32\DiagFunc.dll
2014-02-23 15:04 - 2010-01-27 12:47 - 00000451 _____ () C:\Windows\system32\DiagFunc.ini
2014-02-23 15:04 - 2010-01-27 11:54 - 00000451 _____ () C:\Windows\SysWOW64\DiagFunc.ini
2014-02-23 15:03 - 2014-02-23 15:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\InstallShield
2014-02-18 09:04 - 2014-02-18 09:04 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(2).exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9.exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(1).exe
2014-02-17 13:41 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-02-17 13:41 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-02-17 13:41 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-02-17 13:41 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-02-17 13:40 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-02-17 13:40 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-02-17 13:39 - 2014-02-17 13:39 - 00000683 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-02-17 13:37 - 2014-02-17 13:38 - 09304408 _____ (Wargaming.net ) C:\Users\milari\Downloads\WoT_internet_install_eu.exe
2014-02-15 18:05 - 2014-02-15 18:05 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-14 03:01 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:01 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 03:00 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:00 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:00 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 03:00 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:00 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 03:00 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 03:00 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:00 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 03:00 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:00 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:00 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 03:00 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 03:00 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 03:00 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 03:00 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 03:00 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 03:00 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:00 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 03:00 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 03:00 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 03:00 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:00 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 03:00 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 03:00 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:00 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 03:00 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 03:00 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 03:00 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 03:00 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 03:00 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:00 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:00 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 03:00 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 03:00 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 03:00 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:00 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 03:00 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 03:00 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 03:00 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 07:29 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 07:29 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 07:29 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 07:29 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 07:29 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 07:29 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 07:29 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 07:29 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 07:29 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 07:29 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 07:29 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 07:29 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 07:29 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 07:29 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 07:29 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 07:29 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 07:29 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 07:29 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 07:29 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 07:29 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 07:29 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 07:29 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 07:29 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 07:29 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 07:29 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 07:29 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 07:29 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 07:29 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-08 06:02 - 2014-02-08 06:01 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-08 06:01 - 2014-02-08 06:01 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-08 06:01 - 2014-02-08 06:01 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-08 06:01 - 2014-02-08 06:01 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-08 06:01 - 2014-02-08 06:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-08 05:55 - 2014-02-08 05:55 - 00000000 ____D () C:\ProgramData\Oracle

==================== One Month Modified Files and Folders =======

2014-03-04 20:51 - 2014-03-04 20:50 - 00023665 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-03-04 20:50 - 2014-03-04 20:50 - 00000000 ____D () C:\FRST
2014-03-04 20:48 - 2014-03-04 20:48 - 02156544 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-03-04 20:48 - 2012-12-20 23:15 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2014-03-04 20:47 - 2013-07-05 18:41 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Telekom Internet Manager
2014-03-04 20:47 - 2013-02-12 17:38 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Telekom Internet Manager
2014-03-04 20:47 - 2013-02-07 20:26 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\uTorrent
2014-03-04 20:36 - 2012-12-20 22:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9A9199A-7024-4630-B3B5-B8FD672690B5}
2014-03-04 20:16 - 2012-12-21 17:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-04 17:27 - 2012-12-20 22:11 - 01377804 _____ () C:\Windows\WindowsUpdate.log
2014-03-03 17:48 - 2013-09-04 13:52 - 00000000 ____D () C:\Users\milari\Desktop\Fillybilder
2014-03-02 16:38 - 2013-03-07 08:58 - 00000414 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-03-02 13:13 - 2014-03-02 13:13 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Wargaming.net
2014-03-01 21:22 - 2013-03-07 08:58 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-03-01 21:22 - 2013-03-07 08:58 - 00002844 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2014-03-01 16:55 - 2013-07-31 08:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe
2014-03-01 16:53 - 2012-12-21 17:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-01 16:53 - 2012-12-21 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 16:53 - 2012-12-21 17:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-01 09:46 - 2014-03-01 08:53 - 00000000 ____D () C:\ComboFix
2014-03-01 09:46 - 2013-03-10 00:12 - 00000000 ____D () C:\Windows\erdnt
2014-03-01 09:45 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-01 09:38 - 2014-03-01 09:38 - 00103404 _____ () C:\Users\Michael\Documents\Extras.Txt28.02.txt
2014-03-01 09:37 - 2014-03-01 09:37 - 00130106 _____ () C:\Users\Michael\Documents\OTL.Txt28.02.txt
2014-03-01 09:34 - 2014-03-01 09:34 - 00103404 _____ () C:\Users\milari\Desktop\Extras.Txt
2014-03-01 09:33 - 2014-03-01 09:33 - 00130106 _____ () C:\Users\milari\Desktop\OTL.Txt
2014-03-01 09:24 - 2014-03-01 09:24 - 00602112 _____ (OldTimer Tools) C:\Users\milari\Desktop\OTL.exe
2014-03-01 09:23 - 2009-07-14 05:45 - 00027040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 09:23 - 2009-07-14 05:45 - 00027040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 09:13 - 2014-03-01 06:53 - 00000168 _____ () C:\Windows\setupact.log
2014-03-01 09:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 09:05 - 2014-03-01 09:05 - 00000708 _____ () C:\Windows\PFRO.log
2014-03-01 09:03 - 2009-07-14 03:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 29622272 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-03-01 08:52 - 2013-02-10 23:15 - 00000000 ____D () C:\Users\milari\AppData\Local\CrashDumps
2014-03-01 08:51 - 2014-03-01 08:50 - 05185084 ____R (Swearware) C:\Users\milari\Desktop\ComboFix.exe
2014-03-01 06:53 - 2014-03-01 06:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 06:53 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-28 19:01 - 2013-02-27 16:14 - 00000000 ____D () C:\Windows\Minidump
2014-02-28 19:01 - 2013-02-02 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\CrashDumps
2014-02-28 18:58 - 2013-03-04 16:07 - 00001638 _____ () C:\Windows\Sandboxie.ini
2014-02-28 18:53 - 2013-08-17 10:05 - 00000000 ____D () C:\Users\milari\AppData\Local\AVG SafeGuard toolbar
2014-02-28 18:53 - 2013-08-16 21:52 - 00000000 ____D () C:\Users\Michael\AppData\Local\AVG SafeGuard toolbar
2014-02-28 18:50 - 2014-02-28 18:48 - 00000000 ____D () C:\AdwCleaner
2014-02-28 18:50 - 2012-12-20 22:51 - 00001013 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-28 18:50 - 2012-12-20 22:15 - 00001009 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-28 18:50 - 2012-12-20 22:15 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-28 18:47 - 2014-02-28 18:47 - 01244192 _____ () C:\Users\milari\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 18:13 - 2014-02-28 17:50 - 00000000 ____D () C:\Program Files (x86)\monarimo
2014-02-28 18:00 - 2014-02-28 18:00 - 00001933 _____ () C:\Users\Michael\Desktop\Sync Folder.lnk
2014-02-28 17:50 - 2014-02-28 17:50 - 00179449 _____ () C:\Windows\unins000.dat
2014-02-28 17:50 - 2014-02-28 17:50 - 00001096 _____ () C:\Users\Public\Desktop\Video Downloader.lnk
2014-02-28 17:48 - 2014-02-28 17:50 - 01227465 _____ () C:\Windows\unins000.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup(1).exe
2014-02-27 16:15 - 2014-02-27 16:15 - 01071000 _____ (Solid State Networks) C:\Users\milari\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-25 16:16 - 2014-01-15 14:41 - 00000000 ____D () C:\Users\milari\Desktop\bwerbung
2014-02-23 16:20 - 2014-02-23 16:20 - 00000000 ____D () C:\Users\Michael\Desktop\GottModus.{ED7BA470-8E54-465E-825C-99712043E01C}
2014-02-23 15:07 - 2014-02-23 15:07 - 00001968 _____ () C:\Windows\system32\RaCoInst.log
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\ProgramData\Ralink
2014-02-23 15:05 - 2012-12-20 23:47 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Windows\system32\RaLanguages
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\ProgramData\Ralink Driver
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Program Files (x86)\Ralink
2014-02-23 15:04 - 2012-12-20 22:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 15:03 - 2014-02-23 15:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\InstallShield
2014-02-20 18:57 - 2013-02-07 17:13 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Skype
2014-02-18 09:04 - 2014-02-18 09:04 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(2).exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9.exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(1).exe
2014-02-18 06:16 - 2012-12-20 22:14 - 00000000 ____D () C:\Users\Michael
2014-02-18 03:05 - 2013-08-06 07:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 03:00 - 2012-12-21 01:07 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 13:41 - 2013-07-22 20:35 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-02-17 13:39 - 2014-02-17 13:39 - 00000683 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-02-17 13:38 - 2014-02-17 13:37 - 09304408 _____ (Wargaming.net ) C:\Users\milari\Downloads\WoT_internet_install_eu.exe
2014-02-16 16:50 - 2014-01-16 15:37 - 00000000 ____D () C:\Users\Michael\AppData\Local\DTAG
2014-02-15 19:59 - 2012-12-20 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 19:43 - 2013-07-14 17:38 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-15 18:05 - 2014-02-15 18:05 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-15 09:07 - 2013-11-16 09:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 09:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-08 18:44 - 2013-08-16 21:51 - 00003749 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-02-08 06:01 - 2014-02-08 06:02 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-08 06:01 - 2014-02-08 06:01 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-08 06:01 - 2014-02-08 06:01 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-08 06:01 - 2014-02-08 06:01 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-08 06:01 - 2014-02-08 06:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-08 05:55 - 2014-02-08 05:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-06 13:16 - 2014-02-14 03:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 03:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 03:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 03:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 03:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 03:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 03:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 03:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 13:42 - 2013-03-09 22:59 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\vlc
2014-02-03 22:51 - 2013-09-08 08:43 - 13897728 _____ () C:\Users\Michael\AppData\Roaming\Sandra.mdb
2014-02-03 22:19 - 2014-01-17 06:38 - 00000064 _____ () C:\Users\Michael\AppData\Roaming\Sandra.ldb
2014-02-02 18:37 - 2009-07-14 18:58 - 03737780 _____ () C:\Windows\system32\perfh007.dat
2014-02-02 18:37 - 2009-07-14 18:58 - 01092904 _____ () C:\Windows\system32\perfc007.dat
2014-02-02 18:37 - 2009-07-14 06:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 14:15 - 2013-12-22 18:31 - 00000282 _____ () C:\Windows\Lexstat.ini

Some content of TEMP:
====================
C:\Users\milari\AppData\Local\temp\Foxit Updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 14:42

==================== End Of Log ============================
--- --- ---



und hier die additionslog
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-03-2014 01
Ran by Michael at 2014-03-04 20:51:21
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.00.01 - ASUSTeK Computer Inc.)
AIDA64 Extreme Edition v2.80 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.80 - FinalWire Ltd.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
Ancient Quest of Saqqarah (HKLM-x32\...\Ancient Quest of Saqqarah/DE-German_is1) (Version:  - City Interactive)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
ASUS 802.11n WLAN Card Utilities & Driver (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.0.0.5 - )
ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version: 0.26 - )
Atlantis 3 (HKLM-x32\...\{D4D271B9-EFBF-45B7-ACF8-DC8B1A424756}) (Version: 1.0.0 - JoWood)
awesomehp uninstaller (HKLM-x32\...\awesomehp uninstaller) (Version:  - awesomehp) <==== ATTENTION
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Build-a-lot (HKLM-x32\...\Build-a-lot) (Version: 1.1.0.0 - MumboJumbo)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
CanoScan Toolbox Ver4.1 (HKLM-x32\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Connectify (HKLM\...\Connectify) (Version: 6.0.1.28704 - Connectify)
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version:  - )
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)
doubleTwist (HKLM-x32\...\doubleTwist) (Version: 3.2.2.17028 - doubleTwist Corporation)
DVDFab 9.1.2.5 (22/01/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Eisenbahn Simulator (HKLM-x32\...\Eisenbahn Simulator_is1) (Version:  - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation)
Free Audio Converter version 5.0.28.827 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.28.812 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.28.812 - DVDVideoSoft Ltd.)
Free DVD Video Burner version 3.2.7.827 (HKLM-x32\...\Free DVD Video Burner_is1) (Version: 3.2.7.827 - DVDVideoSoft Ltd.)
Free Video to DVD Converter version 5.0.28.827 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.)
Free WebM Video Converter version 5.0.22.128 (HKLM-x32\...\Free WebM Video Converter_is1) (Version: 5.0.22.128 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
Geeks3D.com FurMark 1.10.6 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D.com)
Hamster Free Video Converter (HKLM-x32\...\{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1) (Version: 2.5.2.33 - Hamster Soft)
HamsterFreeVideoConverter (HKLM-x32\...\Hamster Free Video Converter_is1) (Version:  - HamsterSoft, Inc.)
HydraVision (x32 Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
King’s Bounty – Gold Edition (HKLM-x32\...\King’s Bounty – Gold Edition_is1) (Version:  - dtp)
K-Lite Codec Pack 9.7.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.7.5 - )
Lexmark Z500-Z600 Series (HKLM\...\Lexmark Z500-Z600 Series) (Version:  - Lexmark International, Inc.)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Magic Encyclopedia (HKLM-x32\...\Magic Encyclopedia) (Version:  - )
Magic Encyclopedia 2 (HKLM-x32\...\Magic Encyclopedia 2) (Version:  - )
Malwarebytes Anti-Malware Version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
monarimo (HKLM\...\monarimo) (Version: 2014.02.26.051729 - monarimo)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Norton Internet Security CBE (HKLM-x32\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Paragon Festplatten Manager™ 2013 Kompakt (HKLM-x32\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PeaZip 4.8.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
Project Nomads (HKLM-x32\...\Project Nomads) (Version:  - )
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.19.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Secunia PSI (3.0.0.4001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.4001 - Secunia)
SiSoftware Sandra Lite 2013.SP5 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.58.2013.9 - SiSoftware)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)
The Godfather (HKCU\...\Pokki_923d0f1d35897f6a6a73ba838623cda94c4ab689) (Version: 1.2.3.54051 - Pokki)
Video Downloader version 1.5 (HKLM-x32\...\Video Downloader_is1) (Version: 1.5 - )
Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Hewlett-Packard Image  (12/27/2006 8.0.0.0) (HKLM\...\A86F74A8853ED6B1102811674C7B366AF1B276BB) (Version: 12/27/2006 8.0.0.0 - Hewlett-Packard)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Xilisoft DivX Converter (HKLM-x32\...\Xilisoft DivX Converter) (Version: 7.7.2.20130122 - Xilisoft)
YTD Video Downloader 4.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.3 - GreenTree Applications SRL)

==================== Restore Points  =========================

04-03-2014 11:44:48 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-01 09:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0915428E-8868-4F1A-9101-54CD59C1F57F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {0A57BC34-5C3E-4EB2-80CC-B4D7EBC2F04A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {27489C8A-5D0F-4702-942E-5523E4D3A9D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-01] (Adobe Systems Incorporated)
Task: {4C75A57F-C713-4693-8DCD-27FD85E9E545} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {64E97CA2-33AB-4CB3-982F-86E89C4965A1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {7F5FD9F9-0DDC-48CF-9526-715322BB039E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {8603E674-EE1E-49B1-8A1D-3CA5FF183611} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {8BDBD53D-ACFA-49AD-8686-1908DEF94952} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\Hybrid DIGI+ VRM\PowerControlHelp.exe [2012-09-04] (ASUSTeK Computer Inc.)
Task: {92C519CE-F2C1-40DE-B5BD-091139308A33} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {CF47B603-5313-4B4E-A34F-F879B9F7F75D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {DF9D4AB8-E1CB-4375-A841-DB1CFAE9D097} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {ECF6E5D5-1E6B-405F-90D6-AE0650951BDE} - \Microsoft\Windows\RVLKL\RVLKL No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2013-10-08 09:35 - 2013-10-08 09:35 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-10-08 09:34 - 2013-10-08 09:34 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-12-22 00:28 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2011-12-01 17:11 - 2011-12-01 17:11 - 00743936 _____ () C:\Program Files (x86)\CPUCooL\CooLSrv.exe
2009-08-22 19:25 - 2009-08-22 19:25 - 00102400 _____ () C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverrider.exe
2013-11-14 19:38 - 2013-11-14 19:38 - 00114688 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\Telekom Internet Manager.exe
2013-11-14 19:38 - 2009-12-15 10:46 - 00193664 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\bmsdk.exe
2007-03-08 04:56 - 2007-03-08 04:56 - 01088000 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\LXBClpa.dll
2007-03-08 04:32 - 2007-03-08 04:32 - 00567808 _____ () C:\Windows\system32\spool\drivers\x64\3\lxbcutil.dll
2013-01-13 16:47 - 2011-05-05 16:09 - 06696960 _____ () C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtWlan.exe
2012-12-22 00:28 - 2014-03-01 09:13 - 00020480 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-12-22 00:28 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-09-02 19:39 - 2013-08-20 16:07 - 00049440 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-09-02 19:39 - 2013-08-20 16:07 - 00964384 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2013-09-02 19:39 - 2013-08-20 16:07 - 00378144 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2013-09-02 19:39 - 2013-08-20 16:07 - 00054048 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2009-08-22 19:25 - 2009-08-22 19:25 - 00032768 _____ () C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderHooks.dll
2014-02-23 15:05 - 2012-04-24 16:41 - 01087336 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2009-08-22 19:25 - 2009-08-22 19:25 - 00057344 _____ () C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\RTFC.dll
2009-08-22 19:25 - 2009-08-22 19:25 - 00106496 _____ () C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\RTUI.dll
2012-12-22 00:29 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-12-22 00:29 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-12-22 00:29 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-12-22 00:35 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-12-22 00:37 - 2012-07-25 09:56 - 01124864 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2012-12-22 00:38 - 2012-02-10 11:29 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-12-22 00:29 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-12-22 00:29 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-12-22 00:29 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-12-22 00:29 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-12-22 00:29 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-12-22 00:28 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-12-22 00:29 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-12-22 00:29 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2012-12-22 00:37 - 2012-07-31 15:21 - 00152064 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2012-12-22 00:37 - 2012-08-08 16:45 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2012-12-22 00:37 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2013-11-14 19:38 - 2008-11-08 10:52 - 00014848 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\isaputrace.dll
2013-11-14 19:38 - 2010-07-21 11:53 - 00122880 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\DeviceMgrPlugin.dll
2013-11-14 19:38 - 2009-09-08 12:49 - 00139264 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\NetInfoPlugin.dll
2013-11-14 19:38 - 2010-07-21 11:57 - 00090112 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\DialUpPlugin.dll
2013-11-14 19:38 - 2009-09-08 12:54 - 00065536 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\ConfigFilePlugin.dll
2013-11-14 19:38 - 2010-07-21 11:51 - 01019904 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\NDISAPI.dll
2013-11-14 19:38 - 2010-06-28 15:41 - 00155648 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\DetectDev.dll
2013-11-14 19:38 - 2009-05-23 11:02 - 00557056 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\atcomm.dll
2013-11-14 19:38 - 2009-05-23 11:02 - 00061440 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\XCodec.dll
2013-11-14 19:38 - 2009-05-23 11:02 - 00061440 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\DeviceOperate.dll
2013-11-14 19:38 - 2009-01-09 11:31 - 00139264 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\LocaleMgrPlugin.dll
2013-11-14 19:38 - 2009-01-09 11:30 - 00032768 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\NotifyServicePlugin.dll
2013-11-14 19:38 - 2010-07-21 11:53 - 00237568 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\DeviceMgrUIPlugin.dll
2013-11-14 19:38 - 2008-11-08 10:52 - 00090112 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\FileManager.dll
2013-11-14 19:38 - 2010-08-18 18:02 - 00159744 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\SMSPlugin.dll
2013-11-14 19:38 - 2010-07-31 14:54 - 00065536 _____ () C:\Program Files (x86)\Telekom\InternetManager_H\SpeedManagerPlugin.dll
2013-01-13 16:47 - 2011-01-19 09:27 - 00126976 _____ () C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\EnumDevLib.dll
2013-11-16 09:40 - 2014-02-15 09:07 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\Windows\pss\Virtual Router Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Michael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CPUCooL.lnk => C:\Windows\pss\CPUCooL.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Michael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Prince of Persia Warrior Within.LNK => C:\Windows\pss\Registration Prince of Persia Warrior Within.LNK.Startup
MSCONFIG\startupreg: Connectify Dispatch => C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files (x86)\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2014 00:39:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/03/2014 04:00:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000

Error: (03/03/2014 04:00:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000

Error: (03/03/2014 04:00:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 11:31:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (03/02/2014 11:31:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (03/02/2014 11:31:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 10:39:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (03/02/2014 10:39:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (03/02/2014 10:39:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/04/2014 08:27:48 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (03/04/2014 07:19:32 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (03/04/2014 05:52:32 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (03/04/2014 04:27:45 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (03/04/2014 03:03:14 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (03/04/2014 01:52:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (03/04/2014 00:45:33 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2.

Error: (03/04/2014 00:45:32 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2.

Error: (03/04/2014 00:42:40 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/04/2014 00:41:27 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{06622D85-6856-4460-8DE1-A81921B41C4B}{06622D85-6856-4460-8DE1-A81921B41C4B}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (03/04/2014 00:39:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/03/2014 04:00:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000

Error: (03/03/2014 04:00:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000

Error: (03/03/2014 04:00:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 11:31:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (03/02/2014 11:31:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (03/02/2014 11:31:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 10:39:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (03/02/2014 10:39:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (03/02/2014 10:39:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-03-01 09:12:51.896
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 09:12:51.786
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 09:05:26.765
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 09:05:26.656
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 09:02:17.948
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 09:02:17.823
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 06:53:06.775
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-01 06:53:06.650
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 18:52:55.229
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 18:52:55.088
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 16379.49 MB
Available physical RAM: 10744.87 MB
Total Pagefile: 32757.16 MB
Available Pagefile: 26360.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:145.49 GB) (Free:12.46 GB) NTFS
Drive d: () (Fixed) (Total:3.54 GB) (Free:3.46 GB) NTFS
Drive e: (Dateienvolume) (Fixed) (Total:149.05 GB) (Free:21.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:29.3 GB) (Free:2.61 GB) NTFS
Drive g: (Volume) (Fixed) (Total:268.79 GB) (Free:79.65 GB) NTFS
Drive h: () (Fixed) (Total:21.05 GB) (Free:6.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: () (Fixed) (Total:29.29 GB) (Free:12.9 GB) NTFS
Drive j: () (Fixed) (Total:52 GB) (Free:5.04 GB) NTFS
Drive k: (DRIVER) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive l: () (Fixed) (Total:46.7 GB) (Free:13.36 GB) NTFS
Drive t: (INTENSO) (Removable) (Total:3.65 GB) (Free:1.59 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: BBF6BBF6)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: EE757363)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 298 GB) (Disk ID: B2217F2C)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 46ACFACD)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=128 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=21 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 4 GB) (Disk ID: ECC18C87)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 04.03.2014 17:54
Damit ich das mal verstehe:

Was genau hast Du an Problemen? Auf 3 unterschiedlichen Rechnern? Alle im gleichen Netzwerk?

Mischka 05.03.2014 14:07
gleiches netzwerk
ein pc (dieser) 2 laptops

er braucht recht lange zum hochbooten und die usb anschlüsse spinnen rum
weis ned ob das mit dem fund zu tun hat????????????????????
deshalb die überprüfung

schrauber 06.03.2014 10:41
USB Anschlüsse? Ich denk es geht um ein Onlinegame welches auf allen 3 Rechnern Probleme macht?

Mischka 08.03.2014 17:58
ja geht es hauptsächlich da traten jetzt zuletzt eine anzeige vom antivir auf nämlich
:
Code:
Kategorie: Behobene Sicherheitsrisiken
Datum/Uhrzeit,Risiko,Aktivität,Status,Empfohlene Aktion,Pfad - Dateiname
08.03.2014 20:25:42,Hoch,jw2xkhdx.exe.part (Suspicious.Cloud.9) erkannt von Download-Insight,Isoliert,Behoben - Keine Aktion erforderlich,c:\users\milari\appdata\local\temp\jw2xkhdx.exe.part
die usb anschlüsse sind mehr eine sache da weis
ich ned ob es zusammenhängt mit dem befall

schrauber 09.03.2014 09:01
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Mischka 10.03.2014 17:17
Hier die logfiles:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.09.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Michael :: MICHAEL-PC [Administrator]

10.03.2014 19:35:00
MBAM-log-2014-03-11 (05-54-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|L:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1232890
Laufzeit: 5 Stunde(n), 54 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 5
HKCR\TypeLib\{3E7B5135-F87B-4900-BF51-D6DAD0E41BA1} (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{06BBCAF3-6B7B-424E-9CE8-E245B46D8760} (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
HKCU\Software\monarimo (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
HKLM\Software\monarimo (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\monarimo (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 80
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProReminder.exe.vir (PUP.Optional.OptimizerPro) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSchedule.exe.vir (PUP.Optional.OptimizerPro) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir (PUP.Optional.OptimizerPro) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir (PUP.Optional.IePluginService.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir (PUP.Optional.IePluginService.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Users\Michael\AppData\Roaming\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Connectify\ConnectifyCLI.exe (Trojan.MSIL) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Connectify\Portal\ConnectifyInstaller.exe (Trojan.MSIL) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\monarimo\monarimoBHO.dll (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\monarimo\updatemonarimo.exe (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
C:\Users\Michael\AppData\Roaming\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Michael\Downloads\RkF2.05.exe (Keylogger.Logixoft) -> Keine Aktion durchgeführt.
C:\Users\Michael\Downloads\usbdeview-x64.zip (Trojan.Agent.FKN) -> Keine Aktion durchgeführt.
C:\Users\Michael\Downloads\USBDeview.exe (Trojan.Agent.FKN) -> Keine Aktion durchgeführt.
C:\Users\milari\Downloads\iLividSetup-r362-n-bf.exe (PUP.Optional.Bandoo) -> Keine Aktion durchgeführt.
C:\Users\milari\Downloads\setup(1).exe (PUP.Optional.BundleInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\milari\Downloads\setup.exe (PUP.Optional.BundleInstaller.A) -> Keine Aktion durchgeführt.
G:\wanbr\daresa\Win ser\WIN_AIO_DE (J)\NTSRV40D_DE\I386\INETSRV\KEYGEN (2).EXE (Riskware.Tool.CK) -> Keine Aktion durchgeführt.
G:\wanbr\daresa\Win ser\WIN_AIO_DE (J)\NTSRV40D_DE\I386\INETSRV\KEYGEN.EXE (Riskware.Tool.CK) -> Keine Aktion durchgeführt.
G:\wanbr\daresa\Win ser\WIN_AIO_DE (J)\NTWKS40D_DE\I386\INETSRV\KEYGEN (2).EXE (Riskware.Tool.CK) -> Keine Aktion durchgeführt.
G:\wanbr\daresa\Win ser\WIN_AIO_DE (J)\NTWKS40D_DE\I386\INETSRV\KEYGEN.EXE (Riskware.Tool.CK) -> Keine Aktion durchgeführt.
H:\ConnectifyInstaller-6.0.1.exe (Trojan.MSIL) -> Keine Aktion durchgeführt.
H:\doubleTwistSetup.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
H:\FreeAudioConverter.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
H:\FreeAVIVideoConverter(1).exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
H:\FreeDVDVideoBurner.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
H:\FreeVideoToDVDConverter.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
H:\SoftonicDownloader_fuer_clonedvd.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt.
H:\YTD43Setup(1).exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt.
H:\YTD43Setup.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Users\michael\AppData\Local\Temp\toolbar47890687.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
L:\Windows\Installer\37683b.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Windows\Installer\376847.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
L:\Windows\Installer\376853.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\awesomehp.xml (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\monarimo\monarimo.ico (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\monarimo\7za.exe (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\monarimo\monarimoUninstall.exe (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\monarimo\updatemonarimo.InstallState (PUP.Optional.Monarimo.A) -> Keine Aktion durchgeführt.

(Ende)
Code:
# AdwCleaner v3.020 - Bericht erstellt am 11/03/2014 um 06:14:33
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Michael - MICHAEL-PC
# Gestartet von : C:\Users\Michael\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Michael\AppData\Local\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\milari\AppData\Local\AVG SafeGuard toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\prefs.js ]


[ Datei : C:\Users\milari\AppData\Roaming\Mozilla\Firefox\Profiles\jlkbcxxl.default\prefs.js ]


[ Datei : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\7xaivxv7.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [16321 octets] - [28/02/2014 18:48:32]
AdwCleaner[R1].txt - [1367 octets] - [11/03/2014 06:13:23]
AdwCleaner[S0].txt - [14119 octets] - [28/02/2014 18:49:38]
AdwCleaner[S1].txt - [1292 octets] - [11/03/2014 06:14:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1352 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by Michael on 11.03.2014 at  6:27:50,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\monarimo"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ FireFox

Emptied folder: C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\jqqnzp32.default\minidumps [261 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.03.2014 at  6:35:31,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
wurde einiges gefunden!

schrauber 11.03.2014 12:42

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Mischka 12.03.2014 19:11
hier der eset logfile

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c9cedfbdf6c0c34ba136cc473746db70
# engine=13411
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-18 04:08:37
# local_time=2013-03-18 05:08:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 83 91 2277069 126219502 0 0
# compatibility_mode=5893 16776574 100 94 4160800 115252767 0 0
# scanned=925480
# found=5
# cleaned=0
# scan_time=33312
sh=BD5767F369EC2A56A8258220F4AD5AB9395E706B ft=1 fh=290812a0319dec2c vn="a variant of Win32/TrojanProxy.DistNet.C trojan" ac=I fn="C:\dnet\dnetc.com"
sh=A82AE20541446A9BB4209C1F1886C2D9B1D7D267 ft=1 fh=823564f0ac18eb86 vn="a variant of Win32/TrojanProxy.DistNet.C trojan" ac=I fn="C:\Users\Michael\Documents\dnet\dnetc.com"
sh=9C0697210D39545E0A15B9B0BE0310C5A663345A ft=0 fh=0000000000000000 vn="a variant of Win32/TrojanProxy.DistNet.C trojan" ac=I fn="C:\Users\Michael\Downloads\dnetc-win32-x86-stream.zip"
sh=BA0C7194B9F721C217E97997B9E3967855B692D8 ft=0 fh=0000000000000000 vn="a variant of Win32/TrojanProxy.DistNet.C trojan" ac=I fn="C:\Users\Michael\Downloads\dnetc519-win32-x86-stream.zip"
sh=7CC6AFD5678A02BBC2E0FA0D2757B7B9A960A844 ft=1 fh=d1658d117b479bd8 vn="Win32/StartPage.OPH trojan" ac=I fn="C:\Users\Michael\Downloads\vlc-2.0.5-win64.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c9cedfbdf6c0c34ba136cc473746db70
# engine=17403
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-13 06:36:06
# local_time=2014-03-13 07:36:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 83 88 1528045 157289151 0 0
# compatibility_mode=5893 16776574 100 94 2206351 146322416 0 0
# scanned=970872
# found=4
# cleaned=0
# scan_time=40708
sh=9ABE489AF3684ABB96AB39F112768F69C83D0F8E ft=1 fh=f7fcd12f54d4e5cc vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=2F367F244D08950211E4C05FB8EF8E0959BB773A ft=1 fh=20d3e0bbdedcd685 vn="a variant of Win32/AdWare.SpeedingUpMyPC.D application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=E5DB01AF8C7541396D4C619A55B7B664281A5375 ft=1 fh=97edb4dad52fbf6e vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=7CC6AFD5678A02BBC2E0FA0D2757B7B9A960A844 ft=1 fh=d1658d117b479bd8 vn="Win32/StartPage.OPH trojan" ac=I fn="H:\vlc-2.0.5-win64.exe"
nachtrag securyticheck:
Code:
Results of screen317's Security Check version 0.99.80 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security CBE 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.4001) 
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 51 
 Adobe Flash Player 12.0.0.77 
 Mozilla Firefox (27.0.1)
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

schrauber 13.03.2014 11:02
Rest fehlt noch inkl Antwort auf meine Frage :)

Mischka 16.03.2014 19:32
hier das logfile von frst

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Michael (administrator) on MICHAEL-PC on 17-03-2014 08:44:05
Running from C:\Users\Michael\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe
(Realtek) C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyD.exe
( ) C:\Windows\system32\lxbccoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost VPN\Service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Hybrid DIGI+ VRM\PowerControlHelp.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(BitTorrent Inc.) C:\Users\Michael\AppData\Roaming\uTorrent\uTorrent.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Huawei Technologies Co., Ltd.) C:\Users\Michael\AppData\Roaming\Telekom Internet Manager\ouc.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverrider.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
() C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtWlan.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [D3DOverrider] - C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe [40960 2009-08-22] ()
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2013-11-14] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-09-28] (AMD)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [uTorrent] - C:\Users\Michael\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-16] (BitTorrent Inc.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] - C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [DT Emphelungstool] - "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Run: [DT Empfehlungstool] - "C:\Users\Michael\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3171436589-2751985768-4002669470-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-3171436589-2751985768-4002669470-1006\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01A6470D1F15CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Quick Start - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\Extensions\quick_start@gmail.com [2014-03-07]
FF Extension: monarimo - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\Extensions\{172bcbe1-7d37-447b-8382-ef306da590c5}.xpi [2014-02-26]
FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-01-21]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jqqnzp32.default\extensions\quick_start@gmail.com [2014-03-07]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.03\AsusFanControlService.exe [1568640 2012-08-13] (ASUSTeK Computer Inc.)
R2 AsusSE; C:\Program Files (x86)\ASUS\N15 WLAN Card Utilities\RtlService.exe [36864 2011-01-19] (Realtek)
R2 CGVPNCliService; C:\Program Files\CyberGhost VPN\Service.exe [26088 2013-07-22] (CyberGhost S.R.L)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [427520 2013-08-20] (Connectify)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 lxbc_device; C:\Windows\system32\lxbccoms.exe [566704 2007-03-16] ( )
R2 lxbc_device; C:\Windows\SysWOW64\lxbccoms.exe [537520 2007-03-16] ( )
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\RpcAgentSrv.exe [71832 2008-08-29] (SiSoftware)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com))

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2000-01-01] (Advanced Micro Devices Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
S3 BioNTDrv; C:\Program Files (x86)\Paragon Software\Festplatten Manager 2013 Kompakt\program\BioNTDrv.SYS [19792 2013-08-01] (Paragon Software GmbH)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [34840 2013-09-02] (Connectify)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-23] (Symantec Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-23] (Symantec Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140314.001\IDSvia64.sys [524504 2014-03-07] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140315.009\ENG64.SYS [126040 2014-03-09] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140315.009\EX64.SYS [2099288 2014-03-09] (Symantec Corporation)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R0 Pnp680r; C:\Windows\System32\DRIVERS\pnp680r.sys [125992 2007-07-24] (Silicon Image, Inc)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [12288 2009-08-22] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-02-07] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-03-16] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R1 tcpipBM; C:\Windows\System32\Drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-08-01] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-08-01] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-08-01] (Paragon)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [137728 2011-03-14] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [195584 2011-03-14] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 08:44 - 2014-03-17 08:44 - 00021650 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-03-17 08:43 - 2014-03-17 08:43 - 00000000 ____D () C:\Users\Michael\Desktop\FRST-OlderVersion
2014-03-14 18:27 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 18:27 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 18:27 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 18:27 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 18:27 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 18:27 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 18:27 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 18:27 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 18:27 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 18:27 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 18:27 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 18:27 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 18:27 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 18:27 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 18:27 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 18:27 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 18:27 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 18:27 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 18:27 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 18:27 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 18:27 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 18:27 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 18:27 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 18:27 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 18:27 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 18:27 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 18:27 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 18:27 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 18:27 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 18:27 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 18:27 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 18:27 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 18:27 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 18:27 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 18:27 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 18:26 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 18:26 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 18:26 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 18:26 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 18:26 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 18:26 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 18:26 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 18:26 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 18:26 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 18:26 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 18:26 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 18:25 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 18:25 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 19:06 - 2014-03-13 19:06 - 00987442 _____ () C:\Users\Michael\Downloads\SecurityCheck.exe
2014-03-12 20:12 - 2014-03-12 20:13 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_enu.exe
2014-03-11 06:35 - 2014-03-11 06:35 - 00001153 _____ () C:\Users\Michael\Desktop\JRT.txt
2014-03-11 06:27 - 2014-03-11 06:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-11 06:12 - 2014-03-11 06:12 - 01244192 _____ () C:\Users\Michael\Downloads\adwcleaner.exe
2014-03-10 20:02 - 2014-03-10 20:02 - 01037734 _____ (Thisisu) C:\Users\Michael\Downloads\JRT.exe
2014-03-10 19:23 - 2014-03-10 19:23 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-10 19:21 - 2014-03-10 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michael\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-09 18:27 - 2014-03-09 18:28 - 00000000 ____D () C:\Users\Michael\Desktop\game
2014-03-08 21:24 - 2014-03-08 21:24 - 01070496 _____ (Unity Technologies ApS) C:\Users\milari\Downloads\UnityWebPlayer.exe
2014-03-06 21:08 - 2014-03-06 21:09 - 02243616 _____ (Megaify Software ) C:\Users\milari\Downloads\driver_setup.exe
2014-03-04 20:50 - 2014-03-17 08:44 - 00000000 ____D () C:\FRST
2014-03-04 20:48 - 2014-03-17 08:43 - 02157056 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-03-02 13:13 - 2014-03-02 13:13 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Wargaming.net
2014-03-01 09:38 - 2014-03-01 09:38 - 00103404 _____ () C:\Users\Michael\Documents\Extras.Txt28.02.txt
2014-03-01 09:37 - 2014-03-01 09:37 - 00130106 _____ () C:\Users\Michael\Documents\OTL.Txt28.02.txt
2014-03-01 09:34 - 2014-03-01 09:34 - 00103404 _____ () C:\Users\milari\Desktop\Extras.Txt
2014-03-01 09:33 - 2014-03-01 09:33 - 00130106 _____ () C:\Users\milari\Desktop\OTL.Txt
2014-03-01 09:24 - 2014-03-01 09:24 - 00602112 _____ (OldTimer Tools) C:\Users\milari\Desktop\OTL.exe
2014-03-01 09:05 - 2014-03-11 06:18 - 00002984 _____ () C:\Windows\PFRO.log
2014-03-01 08:53 - 2014-03-01 09:46 - 00000000 ____D () C:\ComboFix
2014-03-01 08:50 - 2014-03-01 08:51 - 05185084 ____R (Swearware) C:\Users\milari\Desktop\ComboFix.exe
2014-03-01 06:53 - 2014-03-16 07:53 - 00000878 _____ () C:\Windows\setupact.log
2014-03-01 06:53 - 2014-03-01 06:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 18:48 - 2014-03-11 06:14 - 00000000 ____D () C:\AdwCleaner
2014-02-28 18:47 - 2014-02-28 18:47 - 01244192 _____ () C:\Users\milari\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 17:50 - 2014-02-28 17:50 - 00179449 _____ () C:\Windows\unins000.dat
2014-02-28 17:50 - 2014-02-28 17:50 - 00001096 _____ () C:\Users\Public\Desktop\Video Downloader.lnk
2014-02-28 17:50 - 2014-02-28 17:48 - 01227465 _____ () C:\Windows\unins000.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup(1).exe
2014-02-27 16:15 - 2014-02-27 16:15 - 01071000 _____ (Solid State Networks) C:\Users\milari\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 16:20 - 2014-02-23 16:20 - 00000000 ____D () C:\Users\Michael\Desktop\GottModus.{ED7BA470-8E54-465E-825C-99712043E01C}
2014-02-23 15:07 - 2014-02-23 15:07 - 00001968 _____ () C:\Windows\system32\RaCoInst.log
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\ProgramData\Ralink
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Windows\system32\RaLanguages
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\ProgramData\Ralink Driver
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Program Files (x86)\Ralink
2014-02-23 15:04 - 2012-04-17 10:31 - 01728064 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28ux.sys
2014-02-23 15:04 - 2012-01-10 11:39 - 00127488 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2014-02-23 15:04 - 2012-01-10 11:39 - 00127488 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2014-02-23 15:04 - 2012-01-10 11:02 - 01115136 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2014-02-23 15:04 - 2012-01-10 11:02 - 01115136 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
2014-02-23 15:04 - 2011-12-26 11:01 - 00327008 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-02-23 15:04 - 2011-12-26 11:01 - 00014119 _____ () C:\Windows\SysWOW64\RaCoInst.dat
2014-02-23 15:04 - 2011-12-26 11:01 - 00014119 _____ () C:\Windows\system32\RaCoInst.dat
2014-02-23 15:04 - 2011-05-04 13:57 - 02403392 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2014-02-23 15:04 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2014-02-23 15:04 - 2010-06-29 10:35 - 00792416 _____ () C:\Windows\SysWOW64\DiagFunc.dll
2014-02-23 15:04 - 2010-06-29 10:35 - 00792416 _____ () C:\Windows\system32\DiagFunc.dll
2014-02-23 15:04 - 2010-01-27 12:47 - 00000451 _____ () C:\Windows\system32\DiagFunc.ini
2014-02-23 15:04 - 2010-01-27 11:54 - 00000451 _____ () C:\Windows\SysWOW64\DiagFunc.ini
2014-02-23 15:03 - 2014-02-23 15:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\InstallShield
2014-02-18 09:04 - 2014-02-18 09:04 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(2).exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9.exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(1).exe
2014-02-17 13:41 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-02-17 13:41 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-02-17 13:41 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-02-17 13:41 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-02-17 13:40 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-02-17 13:40 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-02-17 13:40 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-02-17 13:40 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-02-17 13:40 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-02-17 13:40 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-02-17 13:40 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-02-17 13:39 - 2014-02-17 13:39 - 00000683 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-02-17 13:37 - 2014-02-17 13:38 - 09304408 _____ (Wargaming.net ) C:\Users\milari\Downloads\WoT_internet_install_eu.exe
2014-02-15 18:05 - 2014-02-15 18:05 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== One Month Modified Files and Folders =======

2014-03-17 08:44 - 2014-03-17 08:44 - 00021650 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-03-17 08:44 - 2014-03-04 20:50 - 00000000 ____D () C:\FRST
2014-03-17 08:43 - 2014-03-17 08:43 - 00000000 ____D () C:\Users\Michael\Desktop\FRST-OlderVersion
2014-03-17 08:43 - 2014-03-04 20:48 - 02157056 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-03-17 08:42 - 2012-12-20 23:15 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2014-03-17 08:42 - 2012-12-20 22:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9A9199A-7024-4630-B3B5-B8FD672690B5}
2014-03-17 08:41 - 2013-02-07 20:26 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\uTorrent
2014-03-17 08:16 - 2012-12-21 17:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-17 04:29 - 2012-12-20 22:11 - 02039721 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 22:44 - 2013-07-05 18:41 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Telekom Internet Manager
2014-03-16 22:44 - 2013-02-12 17:38 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Telekom Internet Manager
2014-03-16 17:05 - 2013-03-07 08:58 - 00000414 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-03-16 09:50 - 2009-07-14 05:45 - 00027040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 09:50 - 2009-07-14 05:45 - 00027040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 07:56 - 2013-03-07 08:58 - 00002844 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2014-03-16 07:55 - 2013-03-07 08:58 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-03-16 07:53 - 2014-03-01 06:53 - 00000878 _____ () C:\Windows\setupact.log
2014-03-16 07:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-14 21:23 - 2009-07-14 05:45 - 00325896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 19:06 - 2014-03-13 19:06 - 00987442 _____ () C:\Users\Michael\Downloads\SecurityCheck.exe
2014-03-12 22:16 - 2012-12-21 17:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 22:16 - 2012-12-21 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 22:16 - 2012-12-21 17:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:13 - 2014-03-12 20:12 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_enu.exe
2014-03-11 17:38 - 2013-12-22 18:31 - 00000303 _____ () C:\Windows\Lexstat.ini
2014-03-11 06:35 - 2014-03-11 06:35 - 00001153 _____ () C:\Users\Michael\Desktop\JRT.txt
2014-03-11 06:27 - 2014-03-11 06:27 - 00000000 ____D () C:\Windows\ERUNT
2014-03-11 06:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-11 06:18 - 2014-03-01 09:05 - 00002984 _____ () C:\Windows\PFRO.log
2014-03-11 06:14 - 2014-02-28 18:48 - 00000000 ____D () C:\AdwCleaner
2014-03-11 06:12 - 2014-03-11 06:12 - 01244192 _____ () C:\Users\Michael\Downloads\adwcleaner.exe
2014-03-11 05:53 - 2013-02-02 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\CrashDumps
2014-03-10 20:02 - 2014-03-10 20:02 - 01037734 _____ (Thisisu) C:\Users\Michael\Downloads\JRT.exe
2014-03-10 19:37 - 2012-12-20 23:47 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-10 19:23 - 2014-03-10 19:23 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-10 19:23 - 2012-12-27 12:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-10 19:22 - 2014-03-10 19:21 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michael\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-10 19:08 - 2013-03-04 16:07 - 00001636 _____ () C:\Windows\Sandboxie.ini
2014-03-09 18:29 - 2013-03-07 21:55 - 00000000 ___RD () C:\Users\Michael\Desktop\Divers
2014-03-09 18:28 - 2014-03-09 18:27 - 00000000 ____D () C:\Users\Michael\Desktop\game
2014-03-09 18:28 - 2013-03-07 21:54 - 00000000 ___RD () C:\Users\Michael\Desktop\conv
2014-03-08 21:24 - 2014-03-08 21:24 - 01070496 _____ (Unity Technologies ApS) C:\Users\milari\Downloads\UnityWebPlayer.exe
2014-03-08 05:22 - 2013-09-02 19:39 - 00000000 ____D () C:\Program Files (x86)\Connectify
2014-03-06 21:12 - 2009-07-14 18:58 - 03766864 _____ () C:\Windows\system32\perfh007.dat
2014-03-06 21:12 - 2009-07-14 18:58 - 01101940 _____ () C:\Windows\system32\perfc007.dat
2014-03-06 21:12 - 2009-07-14 06:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-06 21:09 - 2014-03-06 21:08 - 02243616 _____ (Megaify Software ) C:\Users\milari\Downloads\driver_setup.exe
2014-03-03 17:48 - 2013-09-04 13:52 - 00000000 ____D () C:\Users\milari\Desktop\Fillybilder
2014-03-02 13:13 - 2014-03-02 13:13 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Wargaming.net
2014-03-01 16:55 - 2013-07-31 08:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe
2014-03-01 09:46 - 2014-03-01 08:53 - 00000000 ____D () C:\ComboFix
2014-03-01 09:46 - 2013-03-10 00:12 - 00000000 ____D () C:\Windows\erdnt
2014-03-01 09:45 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-01 09:38 - 2014-03-01 09:38 - 00103404 _____ () C:\Users\Michael\Documents\Extras.Txt28.02.txt
2014-03-01 09:37 - 2014-03-01 09:37 - 00130106 _____ () C:\Users\Michael\Documents\OTL.Txt28.02.txt
2014-03-01 09:34 - 2014-03-01 09:34 - 00103404 _____ () C:\Users\milari\Desktop\Extras.Txt
2014-03-01 09:33 - 2014-03-01 09:33 - 00130106 _____ () C:\Users\milari\Desktop\OTL.Txt
2014-03-01 09:24 - 2014-03-01 09:24 - 00602112 _____ (OldTimer Tools) C:\Users\milari\Desktop\OTL.exe
2014-03-01 09:03 - 2009-07-14 03:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 29622272 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-01 09:03 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-03-01 08:52 - 2013-02-10 23:15 - 00000000 ____D () C:\Users\milari\AppData\Local\CrashDumps
2014-03-01 08:51 - 2014-03-01 08:50 - 05185084 ____R (Swearware) C:\Users\milari\Desktop\ComboFix.exe
2014-03-01 07:05 - 2014-03-14 18:26 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:53 - 2014-03-01 06:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 06:53 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-01 06:17 - 2014-03-14 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-14 18:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-14 18:27 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-14 18:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-14 18:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-14 18:27 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-14 18:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-14 18:27 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-14 18:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:33 - 2014-03-14 18:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:32 - 2014-03-14 18:26 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-14 18:27 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-14 18:26 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-14 18:27 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-14 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-14 18:26 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-14 18:26 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-14 18:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-14 18:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-14 18:27 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-14 18:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-14 18:27 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-14 18:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-14 18:27 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-14 18:27 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-14 18:27 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-14 18:27 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-14 18:26 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-14 18:27 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-14 18:27 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 18:26 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 18:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-14 18:27 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-14 18:27 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 18:27 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 18:27 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 18:27 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 18:26 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 19:01 - 2013-02-27 16:14 - 00000000 ____D () C:\Windows\Minidump
2014-02-28 18:50 - 2012-12-20 22:51 - 00001013 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-28 18:50 - 2012-12-20 22:15 - 00001009 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-28 18:50 - 2012-12-20 22:15 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-28 18:47 - 2014-02-28 18:47 - 01244192 _____ () C:\Users\milari\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 17:50 - 2014-02-28 17:50 - 00179449 _____ () C:\Windows\unins000.dat
2014-02-28 17:50 - 2014-02-28 17:50 - 00001096 _____ () C:\Users\Public\Desktop\Video Downloader.lnk
2014-02-28 17:48 - 2014-02-28 17:50 - 01227465 _____ () C:\Windows\unins000.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup.exe
2014-02-28 17:48 - 2014-02-28 17:48 - 00196448 _____ () C:\Users\milari\Downloads\setup(1).exe
2014-02-27 16:15 - 2014-02-27 16:15 - 01071000 _____ (Solid State Networks) C:\Users\milari\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-25 16:16 - 2014-01-15 14:41 - 00000000 ____D () C:\Users\milari\Desktop\bwerbung
2014-02-23 16:20 - 2014-02-23 16:20 - 00000000 ____D () C:\Users\Michael\Desktop\GottModus.{ED7BA470-8E54-465E-825C-99712043E01C}
2014-02-23 15:07 - 2014-02-23 15:07 - 00001968 _____ () C:\Windows\system32\RaCoInst.log
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\ProgramData\Ralink
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Windows\system32\RaLanguages
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\ProgramData\Ralink Driver
2014-02-23 15:04 - 2014-02-23 15:04 - 00000000 ____D () C:\Program Files (x86)\Ralink
2014-02-23 15:04 - 2012-12-20 22:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 15:03 - 2014-02-23 15:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\InstallShield
2014-02-20 18:57 - 2013-02-07 17:13 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Skype
2014-02-18 09:04 - 2014-02-18 09:04 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(2).exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9.exe
2014-02-18 09:03 - 2014-02-18 09:03 - 01898464 _____ (Tlapia ) C:\Users\milari\Downloads\internet-explorer-9(1).exe
2014-02-18 06:16 - 2012-12-20 22:14 - 00000000 ____D () C:\Users\Michael
2014-02-18 03:05 - 2013-08-06 07:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 03:00 - 2012-12-21 01:07 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 13:41 - 2013-07-22 20:35 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-02-17 13:39 - 2014-02-17 13:39 - 00000683 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-02-17 13:38 - 2014-02-17 13:37 - 09304408 _____ (Wargaming.net ) C:\Users\milari\Downloads\WoT_internet_install_eu.exe
2014-02-16 16:50 - 2014-01-16 15:37 - 00000000 ____D () C:\Users\Michael\AppData\Local\DTAG
2014-02-15 19:59 - 2012-12-20 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 19:43 - 2013-07-14 17:38 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-15 18:05 - 2014-02-15 18:05 - 00000000 ____D () C:\Users\milari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-15 09:07 - 2013-11-16 09:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\temp\Quarantine.exe
C:\Users\Michael\AppData\Local\temp\sfamcc00001.dll
C:\Users\Michael\AppData\Local\temp\sfareca00001.dll
C:\Users\milari\AppData\Local\temp\Foxit Updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-14 08:27

==================== End Of Log ============================
--- --- ---

--- --- ---
nun er ist soweit da weis ned ob es was miteinander zu tun hat das mit den usb anschlüsse die werden als zu nidrig (1.1 USB) angezeigt wenjn man sticks und ect steckt

schrauber 17.03.2014 10:47
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicyUsers\S-1-5-21-3171436589-2751985768-4002669470-1006\User: Group Policy restriction detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



USB Treiber vom Mainboard erneuern.


Downloade dir bitte Windows Repair (All In One) von hier.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:29 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131