
Pests of all kinds and how to combat them: "Windows blocked for security reasons"!

14.02.2012, 16:50   #1
Rejono

Hello community.

I've had this nasty virus since today as well. However, it behaves strangely on my machine.

First of all, I don't want to wipe my system!

So, yesterday I listened to a song and looked at the lyrics. Then suddenly this virus appeared (the 50 euro virus). Of course, I first pressed CTRL+ALT+DEL and clicked on Restart, and then cancelled the process so that I could get to my desktop. After that I started the AVAST boot-time scan. Among other things, it reported Firefox as an infected file, and also my keylogger, which is not a virus, though.

What is strange, though, is that when the computer starts, a file named "theo" (my own name) tries to open. I then switched off the autostart entry in TuneUp, and strangely the path was also at Firefox.exe. I have uninstalled Firefox for now (without the bookmarks). And the file is somehow still there.

So, I can get to my desktop and everything, but something is still there, and Malwarebytes and Avast no longer find anything!

Regards

Edited by Rejono (14.02.2012 at 17:40)

14.02.2012, 17:51   #2
Rejono

// Edit

Does the virus also stay active when I browse with Google Chrome?..


14.02.2012, 17:54   #3
Chris4You

Hi,

if you paid attention to the Firefox path, you will notice that it is not in the "program area" but in the data area... that is the disguised exe...

And yes, it also stays active when the real Firefox is uninstalled/deleted (it is started via a Run key)... but actually Avast should have caught it...

So please:
OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created (OTL.TXT and EXTRAS.TXT)
  • Post the log files here in the thread

chris

Edited by Chris4You (14.02.2012 at 18:07)
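
The check described in the reply above (a firefox.exe that sits in the data area instead of the program area and is started via a Run key), as an added example that is not part of the original thread: it parses text in the layout `reg query` prints for a Run key and flags values that point into user-writable folders or reuse a well-known program name outside its install directory. The sample output, value names, paths, the environment-variable defaults and the short list of program names are constructed assumptions.

```python
import ntpath
import re

# Constructed sample in the layout `reg query` prints for
# HKCU\Software\Microsoft\Windows\CurrentVersion\Run (names and paths invented).
SAMPLE_REG_QUERY = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    theo    REG_SZ    C:\Users\Example\AppData\Roaming\Mozilla\Firefox\firefox.exe
    Updater    REG_SZ    "C:\Program Files (x86)\Example Vendor\updater.exe" /background
    Sidebar    REG_EXPAND_SZ    %ProgramFiles%\Windows Sidebar\sidebar.exe /autoRun
    Helper    REG_SZ    rundll32.exe "C:\Users\Example\AppData\Local\Temp\helper.dll",Start
"""

# Assumed default locations; adjust for the machine being examined.
ENV_DEFAULTS = {
    "programfiles": r"C:\Program Files",
    "systemroot": r"C:\Windows",
    "windir": r"C:\Windows",
    "appdata": r"C:\Users\Example\AppData\Roaming",
    "localappdata": r"C:\Users\Example\AppData\Local",
    "temp": r"C:\Users\Example\AppData\Local\Temp",
}
TRUSTED_ROOTS = (r"c:\program files", r"c:\program files (x86)", r"c:\windows")
USER_WRITABLE_ROOTS = (r"c:\users", r"c:\programdata")
# Small illustrative list of names that normally live under a trusted root.
WELL_KNOWN_NAMES = {"firefox.exe", "iexplore.exe", "explorer.exe", "svchost.exe"}

VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
IMAGE_EXT = r"\.(?:exe|com|scr|pif|bat|cmd|dll)"
# A quoted path, or an unquoted drive-rooted path up to the first image extension.
FILE_REF = re.compile(
    rf'"([^"]+{IMAGE_EXT})"|([A-Za-z]:\\.*?{IMAGE_EXT})(?=[\s,"]|$)', re.I
)


def expand_env(text):
    """Expand %VAR% using the assumed defaults; unknown variables stay as-is."""
    return re.sub(
        r"%([^%]+)%",
        lambda m: ENV_DEFAULTS.get(m.group(1).lower(), m.group(0)),
        text,
    )


def referenced_files(command):
    """Return the file paths named in a Run command (image and path arguments)."""
    return [m.group(1) or m.group(2) for m in FILE_REF.finditer(command)]


def classify(path):
    """Return the reasons a path deserves a closer look (empty list if none)."""
    norm = ntpath.normpath(path).lower()
    in_trusted = any(norm.startswith(root + "\\") for root in TRUSTED_ROOTS)
    reasons = []
    if any(norm.startswith(root + "\\") for root in USER_WRITABLE_ROOTS):
        reasons.append("user-writable location")
    if ntpath.basename(norm) in WELL_KNOWN_NAMES and not in_trusted:
        reasons.append("well-known program name outside its install directory")
    return reasons


def audit_run_values(reg_query_text):
    """Return (value name, path, reasons) for every suspicious Run value."""
    findings = []
    for line in reg_query_text.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        for path in referenced_files(expand_env(m["data"])):
            reasons = classify(path)
            if reasons:
                findings.append((m["name"], path, reasons))
    return findings


if __name__ == "__main__":
    for name, path, reasons in audit_run_values(SAMPLE_REG_QUERY):
        print(f"{name}: {path} -> {', '.join(reasons)}")
```

A flagged value is a lead for review, not a verdict: some legitimate software also installs per user and registers itself under a Run key.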

14.02.2012, 18:12   #4
Rejono

OK, I've done that

14.02.2012, 19:11   #5
Chris4You

Hi,

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please start it via right-click and "Run as administrator".
  • Copy the entire contents of the following code box into the OTL box under "Custom Scan/Fixes"

Code:
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Commands
[emptytemp]
[Reboot]
         
  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of an OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

Malwarebytes Antimalware (MAM)
Instructions & download here: http://www.trojaner-board.de/51187-m...i-malware.html
If the download does not work, please download a generic version here:
http://filepony.de/download-chameleon/
After that, please update the signature files ("Updates" tab -> "Check for updates")
Run a full scan and let it clean everything! Post the log.

chris

__________________
Don't bring me down
Read before posting!
Donations
(Anyone who wants to donate is welcome to get in touch)

14.02.2012, 20:31   #6
Rejono

Hey,

I did both. Unfortunately I don't have any log files now, so there is no %systemroot%\_OLT folder!..

And as for the Malwarebytes report, well, it didn't find anything!

14.02.2012, 20:42   #7
Chris4You

Hi,

you will find the OTL log under C:\_OTL...
Are you sure that you had it run a full scan...
Post the MAM log anyway...

chris

14.02.2012, 20:52   #8
Rejono

I can upload the file.

For the other one, the window here says invalid file type... so here it is

Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mcx1-THEOHULOK-HP
->Temp folder emptied: 516 bytes
->Temporary Internet Files folder emptied: 192721 bytes
->Flash cache emptied: 41620 bytes
 
User: Public
 
User: Theo Hulok
->Temp folder emptied: 1416749 bytes
->Temporary Internet Files folder emptied: 31693376 bytes
->Java cache emptied: 55826813 bytes
->FireFox cache emptied: 57703719 bytes
->Flash cache emptied: 86973 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1618992 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 195942 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 17309811898 bytes
 
Total Files Cleaned = 16,650.00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02142012_193109

Files\Folders moved on Reboot...
C:\Users\Theo Hulok\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         

The keylogger isn't mine; it was on a USB stick once and I had just copied everything over from it!

14.02.2012, 21:26   #9
Chris4You

Hi,

not a keylogger but a keygen...

Just the TDSS-Killer now and then we're done...
TDSS-Killer
Download and instructions at: How to combat malware of the Rootkit.Win32.TDSS family?
Extract all files into a directory of their own (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
After it starts, a window appears; click "Start Scan" there.
When the scan has finished, please select "Report". A window opens; copy the text and post it here...

chris

14.02.2012, 21:35   #10
Rejono

Code:
21:33:14.0320 4440	TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
21:33:14.0565 4440	============================================================
21:33:14.0565 4440	Current date / time: 2012/02/14 21:33:14.0565
21:33:14.0565 4440	SystemInfo:
21:33:14.0565 4440	
21:33:14.0565 4440	OS Version: 6.1.7601 ServicePack: 1.0
21:33:14.0565 4440	Product type: Workstation
21:33:14.0565 4440	ComputerName: THEOHULOK-HP
21:33:14.0565 4440	UserName: Theo Hulok
21:33:14.0565 4440	Windows directory: C:\Windows
21:33:14.0565 4440	System windows directory: C:\Windows
21:33:14.0565 4440	Running under WOW64
21:33:14.0565 4440	Processor architecture: Intel x64
21:33:14.0565 4440	Number of processors: 8
21:33:14.0565 4440	Page size: 0x1000
21:33:14.0565 4440	Boot type: Normal boot
21:33:14.0565 4440	============================================================
21:33:14.0867 4440	Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:33:14.0871 4440	Drive \Device\Harddisk1\DR1 - Size: 0xF1000000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:33:14.0886 4440	\Device\Harddisk0\DR0:
21:33:14.0886 4440	MBR used
21:33:14.0886 4440	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:33:14.0886 4440	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72B5E800
21:33:14.0886 4440	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72B91000, BlocksNum 0x1B75000
21:33:14.0886 4440	\Device\Harddisk1\DR1:
21:33:14.0887 4440	MBR used
21:33:14.0888 4440	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x7DC1, BlocksNum 0x77DE6A
21:33:14.0958 4440	Initialize success
21:33:14.0958 4440	============================================================
21:33:18.0853 3412	============================================================
21:33:18.0853 3412	Scan started
21:33:18.0853 3412	Mode: Manual; 
21:33:18.0853 3412	============================================================
21:33:25.0376 3412	PptpMiniport - ok
21:33:25.0406 3412	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:33:25.0407 3412	Processor - ok
21:33:25.0449 3412	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:33:25.0451 3412	Psched - ok
21:33:25.0492 3412	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:33:25.0505 3412	ql2300 - ok
21:33:25.0527 3412	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:33:25.0529 3412	ql40xx - ok
21:33:25.0553 3412	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:33:25.0554 3412	QWAVEdrv - ok
21:33:25.0597 3412	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:33:25.0598 3412	RasAcd - ok
21:33:25.0629 3412	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:33:25.0630 3412	RasAgileVpn - ok
21:33:25.0649 3412	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:33:25.0651 3412	Rasl2tp - ok
21:33:25.0660 3412	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:33:25.0661 3412	RasPppoe - ok
21:33:25.0669 3412	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:33:25.0670 3412	RasSstp - ok
21:33:25.0687 3412	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:33:25.0690 3412	rdbss - ok
21:33:25.0709 3412	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:33:25.0709 3412	rdpbus - ok
21:33:25.0737 3412	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:33:25.0738 3412	RDPCDD - ok
21:33:25.0747 3412	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:33:25.0747 3412	RDPENCDD - ok
21:33:25.0756 3412	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:33:25.0756 3412	RDPREFMP - ok
21:33:25.0774 3412	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:33:25.0776 3412	RDPWD - ok
21:33:25.0805 3412	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:33:25.0808 3412	rdyboost - ok
21:33:25.0895 3412	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:33:25.0896 3412	rspndr - ok
21:33:25.0915 3412	RTCore64        (2e887e52e45bba3c47ccd0e75fc5266f) C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
21:33:25.0915 3412	RTCore64 - ok
21:33:25.0952 3412	RTL8167         (b15c021c2c9bb217a799d9532e8f04d4) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:33:25.0954 3412	RTL8167 - ok
21:33:25.0987 3412	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:33:25.0989 3412	sbp2port - ok
21:33:26.0029 3412	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:33:26.0030 3412	scfilter - ok
21:33:26.0051 3412	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:33:26.0051 3412	secdrv - ok
21:33:26.0111 3412	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:33:26.0112 3412	Serenum - ok
21:33:26.0155 3412	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:33:26.0156 3412	Serial - ok
21:33:26.0176 3412	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:33:26.0177 3412	sermouse - ok
21:33:26.0194 3412	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:33:26.0195 3412	sffdisk - ok
21:33:26.0205 3412	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:33:26.0206 3412	sffp_mmc - ok
21:33:26.0234 3412	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:33:26.0235 3412	sffp_sd - ok
21:33:26.0250 3412	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:33:26.0251 3412	sfloppy - ok
21:33:26.0266 3412	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:33:26.0267 3412	SiSRaid2 - ok
21:33:26.0284 3412	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:33:26.0285 3412	SiSRaid4 - ok
21:33:26.0318 3412	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:33:26.0319 3412	Smb - ok
21:33:26.0352 3412	speedfan - ok
21:33:26.0397 3412	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:33:26.0397 3412	spldr - ok
21:33:26.0418 3412	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:33:26.0422 3412	srv - ok
21:33:26.0433 3412	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:33:26.0437 3412	srv2 - ok
21:33:26.0445 3412	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:33:26.0447 3412	srvnet - ok
21:33:26.0464 3412	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:33:26.0465 3412	stexstor - ok
21:33:26.0500 3412	STHDA           (84311d693857d5ae2e397b43c91f7b41) C:\Windows\system32\DRIVERS\stwrt64.sys
21:33:26.0505 3412	STHDA - ok
21:33:26.0576 3412	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:33:26.0576 3412	swenum - ok
21:33:26.0665 3412	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:33:26.0690 3412	Tcpip - ok
21:33:26.0740 3412	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:33:26.0747 3412	TCPIP6 - ok
21:33:26.0769 3412	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:33:26.0770 3412	tcpipreg - ok
21:33:26.0796 3412	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:33:26.0797 3412	TDPIPE - ok
21:33:26.0816 3412	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:33:26.0817 3412	TDTCP - ok
21:33:26.0847 3412	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:33:26.0849 3412	tdx - ok
21:33:26.0947 3412	TelekomNM6      (4283d7125ba4bd0cb50bb0f78b54257a) C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
21:33:26.0947 3412	TelekomNM6 - ok
21:33:26.0991 3412	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:33:26.0992 3412	TermDD - ok
21:33:27.0031 3412	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:33:27.0032 3412	tssecsrv - ok
21:33:27.0059 3412	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:33:27.0060 3412	TsUsbFlt - ok
21:33:27.0148 3412	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
21:33:27.0149 3412	TuneUpUtilitiesDrv - ok
21:33:27.0176 3412	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:33:27.0177 3412	tunnel - ok
21:33:27.0211 3412	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:33:27.0212 3412	uagp35 - ok
21:33:27.0274 3412	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:33:27.0277 3412	udfs - ok
21:33:27.0323 3412	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:33:27.0324 3412	uliagpkx - ok
21:33:27.0354 3412	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:33:27.0355 3412	umbus - ok
21:33:27.0380 3412	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:33:27.0381 3412	UmPass - ok
21:33:27.0411 3412	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:33:27.0413 3412	usbccgp - ok
21:33:27.0455 3412	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:33:27.0457 3412	usbcir - ok
21:33:27.0488 3412	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:33:27.0489 3412	usbehci - ok
21:33:27.0506 3412	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:33:27.0509 3412	usbhub - ok
21:33:27.0566 3412	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:33:27.0567 3412	usbohci - ok
21:33:27.0604 3412	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:33:27.0605 3412	usbprint - ok
21:33:27.0631 3412	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:33:27.0633 3412	USBSTOR - ok
21:33:27.0657 3412	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:33:27.0658 3412	usbuhci - ok
21:33:27.0694 3412	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:33:27.0695 3412	vdrvroot - ok
21:33:27.0720 3412	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:33:27.0721 3412	vga - ok
21:33:27.0743 3412	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:33:27.0744 3412	VgaSave - ok
21:33:27.0776 3412	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:33:27.0779 3412	vhdmp - ok
21:33:27.0845 3412	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:33:27.0846 3412	viaide - ok
21:33:27.0862 3412	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:33:27.0863 3412	volmgr - ok
21:33:27.0898 3412	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:33:27.0906 3412	volmgrx - ok
21:33:27.0928 3412	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:33:27.0930 3412	volsnap - ok
21:33:27.0957 3412	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:33:27.0959 3412	vsmraid - ok
21:33:27.0982 3412	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:33:27.0983 3412	vwifibus - ok
21:33:28.0007 3412	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:33:28.0008 3412	WacomPen - ok
21:33:28.0024 3412	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:33:28.0025 3412	WANARP - ok
21:33:28.0028 3412	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:33:28.0028 3412	Wanarpv6 - ok
21:33:28.0044 3412	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:33:28.0045 3412	Wd - ok
21:33:28.0076 3412	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:33:28.0082 3412	Wdf01000 - ok
21:33:28.0095 3412	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:33:28.0096 3412	WfpLwf - ok
21:33:28.0112 3412	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:33:28.0113 3412	WIMMount - ok
21:33:28.0134 3412	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:33:28.0135 3412	WmiAcpi - ok
21:33:28.0176 3412	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:33:28.0177 3412	ws2ifsl - ok
21:33:28.0203 3412	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:33:28.0205 3412	WudfPf - ok
21:33:28.0235 3412	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:33:28.0237 3412	WUDFRd - ok
21:33:28.0278 3412	xusb21          (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
21:33:28.0279 3412	xusb21 - ok
21:33:28.0300 3412	MBR (0x1B8)     (bc669f027047c32c69b6fbb2d8465732) \Device\Harddisk0\DR0
21:33:28.0519 3412	\Device\Harddisk0\DR0 - ok
21:33:28.0521 3412	MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
21:33:28.0524 3412	\Device\Harddisk1\DR1 - ok
21:33:28.0525 3412	Boot (0x1200)   (8af0f085c791597c223787bbce53f63d) \Device\Harddisk0\DR0\Partition0
21:33:28.0526 3412	\Device\Harddisk0\DR0\Partition0 - ok
21:33:28.0531 3412	Boot (0x1200)   (921fceb1585ec59705ed48d12ed79b7c) \Device\Harddisk0\DR0\Partition1
21:33:28.0532 3412	\Device\Harddisk0\DR0\Partition1 - ok
21:33:28.0564 3412	Boot (0x1200)   (30af39d2297bb131742fc24f11bb3300) \Device\Harddisk0\DR0\Partition2
21:33:28.0565 3412	\Device\Harddisk0\DR0\Partition2 - ok
21:33:28.0567 3412	Boot (0x1200)   (26a1bf9f1cd32419ce13dd95dc36ac3e) \Device\Harddisk1\DR1\Partition0
21:33:28.0567 3412	\Device\Harddisk1\DR1\Partition0 - ok
21:33:28.0567 3412	============================================================
21:33:28.0567 3412	Scan finished
21:33:28.0567 3412	============================================================
21:33:28.0572 5380	Detected object count: 0
21:33:28.0572 5380	Actual detected object count: 0
         

There you go.

I just wanted to mention that the file "theo" is still shown in TuneUp.

Regards

14.02.2012, 21:59   #11
Chris4You

Hi,

what exactly does TuneUp show you?

chris

14.02.2012, 22:02   #12
Rejono

I took a screenshot for you!

And thanks for everything!
Attached image: -5555.jpg

14.02.2012, 22:05   #13
Chris4You

Hi,

bad, that is the "wrong" Firefox again...

Post a new OTL log once more...

chris

14.02.2012, 22:13   #14
Rejono

Code:
ATTFilter
OTL logfile created on: 2/14/2012 10:09:47 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Theo Hulok\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5.98 Gb Total Physical Memory | 3.81 Gb Available Physical Memory | 63.75% Memory free
11.96 Gb Paging File | 9.40 Gb Available in Paging File | 78.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.68 Gb Total Space | 630.92 Gb Free Space | 68.75% Space Free | Partition Type: NTFS
Drive D: | 13.73 Gb Total Space | 1.69 Gb Free Space | 12.33% Space Free | Partition Type: NTFS
Drive J: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.59% Space Free | Partition Type: FAT32
 
Computer Name: THEOHULOK-HP | User Name: Theo Hulok | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/02/14 18:01:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theo Hulok\Desktop\OTL.exe
PRC - [2012/02/08 21:31:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/07 13:18:30 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/01/17 20:18:44 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/02 21:05:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/12/30 11:27:34 | 000,074,752 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/10/17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/08/02 10:21:01 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\steam\Steam.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/01/17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/10/05 15:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 15:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/09/28 16:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/04/23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/05/09 00:39:48 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
PRC - [2009/05/09 00:11:00 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
PRC - [2009/02/28 03:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/02/14 16:27:14 | 014,415,144 | ---- | M] () -- C:\steam\bin\libcef.dll
MOD - [2012/02/14 16:27:12 | 000,914,216 | ---- | M] () -- C:\steam\bin\avcodec-52.dll
MOD - [2012/02/14 16:27:12 | 000,857,896 | ---- | M] () -- C:\steam\bin\chromehtml.dll
MOD - [2012/02/14 16:27:12 | 000,155,432 | ---- | M] () -- C:\steam\bin\avformat-52.dll
MOD - [2012/02/14 16:27:12 | 000,091,432 | ---- | M] () -- C:\steam\bin\avutil-50.dll
MOD - [2012/02/08 21:31:09 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/12 16:06:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2011/12/26 13:19:50 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f14466471a19a329eccf40839aa72cc4\IAStorUtil.ni.dll
MOD - [2011/12/26 13:19:50 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\056e417666352c7a702530d8a2770e30\IAStorCommon.ni.dll
MOD - [2011/11/11 19:04:41 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/14 11:41:13 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/14 11:41:09 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/14 11:41:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/14 11:40:59 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/14 11:40:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/14 11:40:56 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/14 11:40:52 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/08/02 22:14:19 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/08/02 22:14:19 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011/04/24 13:05:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/02/28 03:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
MOD - [2009/02/20 01:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/12/14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/12/06 04:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/11/28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/24 15:48:52 | 002,404,864 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV:64bit: - [2010/09/27 21:10:00 | 000,270,336 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2010/08/06 03:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/01 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/02/07 13:18:30 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/02 21:05:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/12/30 11:27:34 | 000,074,752 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2011/12/14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/05 15:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/05 15:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/09/28 16:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/12/24 21:24:40 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/12/24 21:24:40 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/12/06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/12/06 03:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/11/28 18:54:44 | 000,140,120 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 18:53:28 | 000,258,392 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/10/17 18:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/06 21:10:01 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/27 21:10:00 | 000,517,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/09/21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/09/16 16:02:59 | 000,045,664 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys -- (TelekomNM6)
DRV:64bit: - [2010/09/03 07:59:26 | 000,349,800 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/03/01 23:59:50 | 000,024,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cpqdfw.sys -- (CpqDfw)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011/11/08 12:47:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/03/18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010/05/27 01:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/04 15:19:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/14 18:53:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/07/28 21:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Extensions
[2012/02/08 18:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Firefox\Profiles\xrewpnjf.default\extensions
[2012/02/07 21:00:03 | 000,000,000 | ---D | M] (Spam Free Search Bar) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Firefox\Profiles\xrewpnjf.default\extensions\{00f12770-e60e-4dc6-9105-425bface7c73}
[2012/02/08 18:52:42 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Firefox\Profiles\xrewpnjf.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2012/02/14 18:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/08 21:31:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/08 18:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/02/08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/08 18:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/08 18:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/08 18:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/08 18:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll (Visicom Media)
O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Steam] C:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Theo Hulok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A009DB9D-AD45-4A89-A873-CD05A71ED2A9}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) -  File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/14 21:31:39 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2012/02/14 19:31:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/14 18:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/02/14 18:52:59 | 015,640,448 | ---- | C] (Mozilla) -- C:\Users\Theo Hulok\Desktop\Firefox_Setup_10.0.1.exe
[2012/02/14 18:03:23 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Theo Hulok\Desktop\OTL.exe
[2012/02/13 23:21:17 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Roaming\Malwarebytes
[2012/02/13 23:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/13 23:21:12 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/13 23:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/13 23:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/13 23:19:17 | 009,502,424 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Theo Hulok\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/09 16:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/02/09 16:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/02/07 21:00:08 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Local\blekkotb
[2012/02/07 21:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Anti-phishing Domain Advisor
[2012/02/07 21:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\blekkotb
[2012/02/06 17:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/02/06 17:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/02/06 17:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/02/06 17:02:41 | 000,000,000 | ---D | C] -- C:\AMD
[2012/02/03 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace of Spades
[2012/02/03 16:14:21 | 000,000,000 | ---D | C] -- C:\Ace of Spades
[2012/01/31 16:27:33 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/31 16:27:33 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/31 16:27:33 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/31 16:27:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/31 16:27:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/31 16:27:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/30 19:12:43 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\Desktop\Minecraft Server
[2012/01/26 20:23:05 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\Documents\GUILD WARS
[2012/01/26 20:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GUILD WARS
[2012/01/26 20:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GUILD WARS
[2012/01/26 19:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/01/26 19:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Bridge CS5.1
[2012/01/26 19:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Encoder CS5.5
[2012/01/26 19:42:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Device Central CS5.5
[2012/01/26 19:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/01/26 19:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe After Effects CS5.5
[2012/01/26 19:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/01/26 19:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Extension Manager CS5.5
[2012/01/26 19:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/01/26 16:35:31 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/01/26 16:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012/01/19 18:58:08 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Roaming\Sony Creative Software Inc
[2012/01/17 20:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012/01/17 20:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012/01/17 20:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012/01/17 18:31:37 | 219,499,888 | ---- | C] (Sony Creative Software Inc.) -- C:\Users\Theo Hulok\Desktop\vegaspro11.0.511_64bit.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/14 22:01:19 | 000,057,177 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\5555.JPG
[2012/02/14 21:30:13 | 002,042,462 | ---- | M] () -- C:\tdsskiller.zip
[2012/02/14 20:33:39 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 20:33:39 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 20:24:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/14 20:24:50 | 523,132,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/14 19:00:56 | 002,340,875 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\IMG_5131.JPG
[2012/02/14 18:53:38 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/14 18:06:09 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/14 18:06:09 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/02/14 18:06:09 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/14 18:06:09 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/02/14 18:06:09 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/14 18:01:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theo Hulok\Desktop\OTL.exe
[2012/02/14 16:32:58 | 015,640,448 | ---- | M] (Mozilla) -- C:\Users\Theo Hulok\Desktop\Firefox_Setup_10.0.1.exe
[2012/02/13 23:21:13 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/02/13 23:20:28 | 009,502,424 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Theo Hulok\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/12 13:49:43 | 000,758,236 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\michi.jpg
[2012/02/11 19:44:28 | 000,003,372 | ---- | M] () -- C:\Users\Theo Hulok\.recently-used.xbel
[2012/02/11 14:02:09 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/02/11 14:02:09 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/02/11 14:01:41 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/02/10 16:33:56 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTheo Hulok.job
[2012/02/09 22:36:00 | 000,234,990 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\175604_100905299989245_100002093251996_6070_6316198_o.jpg
[2012/02/09 16:04:45 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/02/08 21:10:57 | 000,646,255 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Bild010 (1).jpg
[2012/02/07 21:11:18 | 000,000,858 | ---- | M] () -- C:\Windows\SysWow64\runrefog.lnk
[2012/02/06 22:02:53 | 000,018,400 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Unbenannt 2.odt
[2012/02/05 12:14:50 | 000,078,144 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Unbenannt.JPG
[2012/02/03 18:21:39 | 000,091,541 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\1290.jpg
[2012/02/02 20:49:13 | 003,870,904 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012/01/28 12:16:55 | 000,090,254 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\anti acta.jpg
[2012/01/28 12:13:55 | 001,038,701 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\logostoppacta.pdf
[2012/01/27 12:09:00 | 004,868,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/01/25 22:05:16 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTHEOHULOK-HP$.job
[2012/01/19 18:57:57 | 000,029,136 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Ohne Titel.veg
[2012/01/18 21:47:11 | 003,844,545 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\CityRoutineByPapafiotmusicInFlStudio_5481.mp3
[2012/01/17 19:00:28 | 219,499,888 | ---- | M] (Sony Creative Software Inc.) -- C:\Users\Theo Hulok\Desktop\vegaspro11.0.511_64bit.exe
 
========== Files Created - No Company Name ==========
 
[2012/02/14 22:01:19 | 000,057,177 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\5555.JPG
[2012/02/14 21:30:11 | 002,042,462 | ---- | C] () -- C:\tdsskiller.zip
[2012/02/14 19:00:42 | 002,340,875 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\IMG_5131.JPG
[2012/02/14 18:53:38 | 000,001,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/14 18:53:38 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/13 23:21:13 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/02/12 13:49:43 | 000,758,236 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\michi.jpg
[2012/02/11 19:44:28 | 000,003,372 | ---- | C] () -- C:\Users\Theo Hulok\.recently-used.xbel
[2012/02/09 22:35:58 | 000,234,990 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\175604_100905299989245_100002093251996_6070_6316198_o.jpg
[2012/02/08 21:10:39 | 000,646,255 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Bild010 (1).jpg
[2012/02/07 21:11:18 | 000,000,858 | ---- | C] () -- C:\Windows\SysWow64\runrefog.lnk
[2012/02/06 21:30:40 | 007,134,943 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Film.wmv
[2012/02/06 19:13:49 | 000,018,400 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Unbenannt 2.odt
[2012/02/05 12:14:49 | 000,078,144 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Unbenannt.JPG
[2012/02/03 18:21:39 | 000,091,541 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\1290.jpg
[2012/02/02 20:47:51 | 003,870,904 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012/01/28 12:16:55 | 000,090,254 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\anti acta.jpg
[2012/01/28 12:13:54 | 001,038,701 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\logostoppacta.pdf
[2012/01/26 19:44:22 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS5.5.lnk
[2012/01/26 19:43:33 | 000,001,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2012/01/26 19:43:23 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk
[2012/01/26 19:42:52 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012/01/26 19:42:43 | 000,001,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit 2.6.lnk
[2012/01/26 19:41:58 | 000,001,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012/01/26 19:41:54 | 000,001,517 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012/01/26 16:35:30 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/01/19 18:57:57 | 000,029,136 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Ohne Titel.veg
[2012/01/18 21:45:11 | 003,844,545 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\CityRoutineByPapafiotmusicInFlStudio_5481.mp3
[2011/12/05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/12/05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/11/17 19:49:40 | 000,000,054 | ---- | C] () -- C:\Users\Theo Hulok\AppData\Roaming\updater.cfg
[2011/11/10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/30 18:45:19 | 000,001,854 | ---- | C] () -- C:\Users\Theo Hulok\AppData\Roaming\GhostObjGAFix.xml
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/25 15:30:56 | 004,131,328 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2011/09/21 07:01:46 | 004,070,912 | ---- | C] () -- C:\Windows\SysWow64\PhotoLooksRenderer.dll
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/08 12:18:32 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/08/30 19:29:46 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/08/30 19:29:44 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/08/30 19:29:44 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/08/07 11:09:44 | 000,000,025 | ---- | C] () -- C:\Windows\CDE D78DEFGIPS.ini
[2011/08/01 13:47:44 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/07/28 19:38:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/24 12:36:54 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/04/24 12:26:14 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/04/24 12:21:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/21 18:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/09/30 01:00:00 | 000,043,873 | R--- | C] () -- C:\Windows\SysWow64\EPSUI64W_000.dat

< End of report >
         

But the file was already there the whole time :/

Alt 14.02.2012, 22:26   #15
Chris4You
 

Hi,

OTL only shows the correct EXE... It should be in the Run block, but it isn't...

Please check that with autoruns...

chris