Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Aus Sicherheitsgründen wurde Ihr Windows System blockiert.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 13.08.2011, 07:48   #1
Djokovic
 
Aus Sicherheitsgründen wurde Ihr Windows System blockiert. - Standard

Aus Sicherheitsgründen wurde Ihr Windows System blockiert.



Hallo Ihr Lieben,

seit heute morgen springt nach dem Login meines Benutzerkontos ein rotes Fenster auf mit der Warnung:

Achtung aus Sicherheitsgründen wurde ihr Windows System blockiert
Durch das Besuchen von seiten mit infizierten und pornografischen Inhalten
ist das Computersystem an eine kritische Grenze angekommen
nach der das System zusammenbrechen und die ganzen Daten verloren gehen könnten.
Um das System wieder herstellen zu können, müssen sie ein zusätzliches Sicherheitsupdate herunterladen.
dieses Update ist ein kostenpflichtiges Upgrade für besonders infizierte Sindows Systeme.
Es schützt das System vollständig von Viren und Schadprogrammen, stabilisiert ihr Computer System und verhindert den datenverlust.

Ich werde dazu auch aufgefordet 25€ per uKash oder PayCashCard zu zahlen.
Nach einiger recherche auf Google wurde den meisten Leuten mit dem tool OTLPE erfolgreich geholfen.

Ich habe mir die Software bei Oldtimer runtergeladen, auf eine CD gebrannt und den besagten check ausgeführt.
Leider verstehe ich als Computer-Laie nicht viiel davon, hier einmal der Log.






OTL logfile created on: 8/13/2011 8:36:15 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 297.99 Gb Total Space | 28.78 Gb Free Space | 9.66% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 13:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/01/21 08:03:00 | 000,016,896 | ---- | M] (Agere Systems) [Auto] -- D:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2011/08/13 00:15:20 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand] -- D:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/06 13:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/03/31 10:08:14 | 000,080,896 | ---- | M] () [Auto] -- D:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/03/14 10:26:58 | 000,075,064 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/02/28 13:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- D:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 05:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/09/06 13:56:38 | 000,247,096 | ---- | M] () [Auto] -- D:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- D:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/02/15 07:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Auto] -- D:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/06 13:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/03/12 11:26:19 | 000,310,728 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/03/12 11:20:37 | 000,042,696 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/03/10 12:07:34 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/09/22 19:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/07 16:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/07/01 08:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/06/25 10:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- D:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009/11/01 13:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/04/07 23:04:00 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/01/21 08:03:00 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2007/08/08 02:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- D:\Windows\System32\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2007/03/28 02:50:18 | 000,046,592 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV:64bit: - [2007/02/13 11:41:26 | 000,029,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- D:\Windows\System32\drivers\scramby.sys -- (scramby)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Mirsad_ON_D\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.facemoods.com/?a=ddr [binary data]
IE - HKU\Mirsad_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Mirsad_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Mirsad_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A 24 C6 80 9C 1B CC 01 [binary data]
IE - HKU\Mirsad_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Mirsad-Administrator_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.6: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/19 19:39:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/19 19:39:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/27 13:19:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/21 20:06:12 | 000,000,000 | ---D | M]

[2011/07/18 10:23:40 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/13 13:04:40 | 000,000,000 | ---D | M] (Skype extension) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/01/26 17:45:47 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/09 14:02:26 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 13:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/12/03 14:14:08 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/12/03 14:14:08 | 000,002,344 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/12/13 08:36:54 | 000,002,035 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2010/12/03 14:14:08 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/12/03 14:14:08 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/12/03 14:14:08 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

Hosts file not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - D:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - D:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - D:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3:64bit: - HKU\Mirsad_ON_D\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\Mirsad_ON_D\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [amd_dc_opt] D:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Mirsad_ON_D..\Run: [{3D4040EF-1FD9-11E0-BF3C-806E6F6E6963}] D:\Users\Mirsad\AppData\Roaming\Identities\{3D4040EF-1FD9-11E0-BF3C-806E6F6E6963}\svghost.exe ()
O4 - HKU\Mirsad_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Mirsad_ON_D..\Run: [PlayNC Launcher] File not found
O4 - HKU\Mirsad_ON_D..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/13 01:00:08 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Malwarebytes
[2011/08/13 00:59:57 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/08/13 00:59:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/13 00:59:56 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011/08/13 00:59:53 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011/08/13 00:59:53 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/08/13 00:28:05 | 001,162,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kernel32.dll
[2011/08/13 00:28:05 | 000,422,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
[2011/08/13 00:28:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wow64win.dll
[2011/08/13 00:28:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
[2011/08/13 00:28:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wow64.dll
[2011/08/13 00:28:05 | 000,214,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winsrv.dll
[2011/08/13 00:28:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\setup16.exe
[2011/08/13 00:28:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntvdm64.dll
[2011/08/13 00:28:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntvdm64.dll
[2011/08/13 00:28:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wow64cpu.dll
[2011/08/13 00:28:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\instnm.exe
[2011/08/13 00:28:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wow32.dll
[2011/08/13 00:28:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/13 00:28:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/13 00:28:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/08/13 00:28:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/08/13 00:28:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/08/13 00:28:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/08/13 00:28:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/08/13 00:28:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/08/13 00:28:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\user.exe
[2011/08/13 00:26:37 | 000,599,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2011/08/13 00:26:36 | 000,703,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2011/08/13 00:26:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2011/08/13 00:26:36 | 000,134,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2011/08/13 00:26:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2011/08/13 00:26:35 | 000,386,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2011/08/13 00:26:35 | 000,256,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2011/08/13 00:26:35 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2011/08/13 00:26:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2011/08/13 00:26:35 | 000,132,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2011/08/13 00:26:35 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2011/08/13 00:26:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2011/08/13 00:26:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2011/08/13 00:26:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2011/08/13 00:26:34 | 000,482,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2011/08/13 00:26:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2011/08/13 00:25:41 | 005,507,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2011/08/13 00:25:39 | 003,957,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntkrnlpa.exe
[2011/08/13 00:25:37 | 003,902,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntoskrnl.exe
[2011/08/13 00:25:23 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\drvinst.exe
[2011/08/13 00:25:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\devrtl.dll
[2011/08/13 00:24:51 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{BDEFB042-C055-4378-B339-BB01451DC7B9}
[2011/08/13 00:23:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2011/08/13 00:23:50 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2011/08/13 00:22:47 | 000,861,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\oleaut32.dll
[2011/08/13 00:18:58 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Macromedia
[2011/08/13 00:18:58 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Adobe
[2011/08/13 00:15:28 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Mozilla
[2011/08/13 00:15:28 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Local\Mozilla
[2011/08/13 00:14:29 | 000,000,000 | R--D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/13 00:14:29 | 000,000,000 | R--D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/13 00:14:13 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Roaming\Identities
[2011/08/13 00:14:07 | 000,000,000 | ---D | C] -- D:\Users\Mirsad-Administrator\AppData\Local\VirtualStore
[2011/08/13 00:11:22 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Steam
[2011/08/13 00:11:11 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/08/13 00:11:10 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Steam
[2011/08/12 12:02:16 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{6E4797D6-475A-4F60-912E-8E7C19658BB2}
[2011/08/12 12:02:02 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{9A34F085-51CD-4679-943B-BC276E8FE6CD}
[2011/08/11 20:45:21 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{17448116-6AAD-443E-A07D-19D9282EE21D}
[2011/08/11 20:45:08 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{94E49476-780A-47D7-B035-A4B7573F4E01}
[2011/08/11 15:40:34 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{92884F94-5842-4540-9403-17FA6758CD88}
[2011/08/11 15:40:02 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{30D4C220-45B2-4ED6-9BE8-0B944A00A4DC}
[2011/08/11 14:52:17 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{74508C17-9E5B-4A6C-8834-D763B8381512}
[2011/08/11 14:51:47 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{F17ED2F6-6237-4B37-B8B6-A1F64778D03A}
[2011/08/11 13:44:12 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\Desktop\desktop ss
[2011/08/11 00:22:43 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{66B9AAE3-95C1-402F-9577-0FFECE37AF2E}
[2011/08/11 00:22:22 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{E2A38199-FD50-473A-A6A4-8061AFAC8711}
[2011/08/10 12:49:57 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{CEA30B61-89C7-4BE4-BB7A-FBEBCA6513F8}
[2011/08/10 12:49:22 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{509A9224-A2FE-4912-9846-A3900469788C}
[2011/08/10 09:02:52 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{F2CA6AF2-2FDD-40D9-8BCB-3E936195B610}
[2011/08/10 09:02:40 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{FF89D920-1009-4016-89A2-DA43EFF7DEF3}
[2011/08/09 21:56:14 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{99FE7492-DDDC-4A24-AACC-D8908ACE7FA6}
[2011/08/09 21:55:37 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{96B3541A-F0ED-4F8A-9935-AF453FB9B3AA}
[2011/08/09 12:46:00 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{1C18DA5F-4F24-40A0-958C-0C0E8C32260D}
[2011/08/09 12:45:37 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{5C926168-C3CB-42C9-B82F-F2FDCBAB2BAA}
[2011/08/08 12:22:55 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{DCDE4266-C6FB-46AB-A811-8E1F45313D6C}
[2011/08/08 12:22:42 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{6169D19A-9AAD-452E-8FD8-415E717B6A82}
[2011/08/08 11:37:59 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{E91B17DD-6178-4F28-96AC-2385ADE02B4D}
[2011/08/08 11:37:46 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{FEC3BA38-4B51-45F0-ABE5-C9F580D712D0}
[2011/08/07 23:00:08 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{80BAC580-08DC-4E38-A9AA-106ED5EA0F81}
[2011/08/07 22:59:54 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{748F313F-AB09-41EB-9AF4-7F0D45B25B48}
[2011/08/07 11:25:33 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{DE7E50A1-65F7-4934-95FE-04A9B8031649}
[2011/08/07 11:25:16 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{B0B0CF33-7A23-4775-8915-4011B73F5714}
[2011/08/06 12:30:43 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{4D3E8CD1-BC69-4CFF-A92C-1EBDC88BD857}
[2011/08/06 12:30:17 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{D3C19CCA-AF84-4FC3-B3A8-DAC74D1FEEB0}
[2011/08/06 01:29:15 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{C01133F0-408F-4210-A904-0E383CA3A857}
[2011/08/06 01:28:38 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{F6B42B02-0A28-4CB3-946E-3A4547FB0492}
[2011/08/05 21:40:37 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{BC92B578-7989-4D11-80D9-64427C7705AA}
[2011/08/05 21:40:24 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{E39B1A20-2026-4FEB-9368-3EB5E73CF013}
[2011/08/05 13:09:46 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{C4149D14-021C-424D-AE1F-EF9C15B43DB7}
[2011/08/05 13:09:34 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{07F2BC3C-59A0-42C6-8142-88E3478F97BD}
[2011/08/05 09:33:30 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{8FB41DDE-7B48-4B1B-8DA0-AB3FA1EF48FA}
[2011/08/05 09:33:06 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{7651CAC9-4FE7-4773-A96F-BF76D0490B59}
[2011/08/04 21:43:24 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{3D18EC78-1FA9-46AA-9495-935C88205593}
[2011/08/04 09:43:02 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{307717C7-578C-4953-8497-943F9BB67181}
[2011/08/03 21:42:14 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{4AFD956C-244E-42D3-9685-F798380999AE}
[2011/08/03 13:29:07 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garena
[2011/08/03 13:29:07 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2011/08/03 13:29:02 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Garena
[2011/08/03 09:42:01 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{91298587-50D5-4269-B979-2FBCB52E235B}
[2011/08/02 21:41:14 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{F91A7A09-F233-4B99-B361-EA02E70D6DA8}
[2011/08/02 15:31:13 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- D:\Windows\War3Unin.exe
[2011/08/02 15:31:13 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2011/08/02 15:31:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2011/08/02 15:26:05 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Warcraft III
[2011/08/02 09:40:56 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{4E1B0B6F-23ED-4767-AF97-37FD026AAE5D}
[2011/08/01 20:47:30 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{45DD17F7-BDE4-411D-9FB1-687D87169780}
[2011/08/01 08:47:07 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{1AF015F9-4CDD-48C1-A78D-270D530E0F84}
[2011/07/31 20:46:18 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{2E2CB23D-71C2-4613-95BF-208FF0C3BBAC}
[2011/07/31 08:45:40 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{7BBC8B77-A45A-482F-B850-CBAD9E9951E5}
[2011/07/30 20:45:05 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{0D8AA025-432F-4216-B7D8-5C71DCD6E837}
[2011/07/30 08:44:30 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{175D02EF-D852-40C6-834F-120B7432D238}
[2011/07/29 20:43:42 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{6F993ACA-1F16-465D-8BEA-1C9F949D4EAB}
[2011/07/29 13:45:46 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\Documents\Yu-Gi-Oh! ONLINE 3
[2011/07/29 13:09:46 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\konami
[2011/07/29 13:05:49 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Konami
[2011/07/29 08:43:20 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{71C4B30B-DB2F-4710-B3DB-E3D0FF6CD39F}
[2011/07/28 20:43:04 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{B3D99889-6007-4366-8D40-92D4A1DA7C87}
[2011/07/28 08:42:43 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{00DD02DB-D949-413B-B94E-CD9276DFB10A}
[2011/07/27 20:05:38 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{F1B2876F-6F9C-4136-92C1-D730494FFE36}
[2011/07/27 08:05:15 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{C1FA7266-A71F-4341-BD7F-C684368B8191}
[2011/07/26 20:04:27 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{E50AB3F6-5533-4D80-9950-B11C180D6AE8}
[2011/07/26 17:54:19 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\Desktop\test123456
[2011/07/26 08:04:15 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{305CF80D-D8EC-47E6-97C8-6E6F9B5F91D7}
[2011/07/25 17:18:09 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{6FE3EB9B-97C3-40DF-A04C-21DEDEF68C69}
[2011/07/25 05:17:46 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{DE57FA8B-3DCE-4B89-8DCF-B9AF4D24C694}
[2011/07/24 17:17:11 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{140698E2-0BD5-4301-A915-BCEF9AD30A36}
[2011/07/24 05:16:46 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{0AA35202-A077-4A8B-9B2F-5AD987B89303}
[2011/07/23 15:49:39 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{07CEC425-BD65-4BDF-B8F8-B388BF3B0650}
[2011/07/23 03:49:02 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{F2F5DCE1-08B4-4837-A62F-BD23B3A9E147}
[2011/07/22 15:48:38 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{D3AA1620-9BE9-490A-B5A2-59BCDEF67D85}
[2011/07/22 03:48:15 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{DC7BEF8D-6891-42AA-81E7-110AF4348103}
[2011/07/21 15:47:51 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{BEF1BA4D-E3BD-4B65-9755-6BA30114FB2E}
[2011/07/21 03:47:10 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{433DA26A-996C-4B16-98A5-DFEAF86AE224}
[2011/07/20 15:46:07 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{65D85CB5-AB46-42A4-8D3C-93BCD1EE6984}
[2011/07/20 15:32:36 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\Desktop\DATA
[2011/07/20 03:45:28 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{3A65D0E5-83F4-4782-8E55-FF3B7002B9EB}
[2011/07/19 15:44:39 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{0FAAEB45-FC98-44E7-B67A-D4AF027BA37F}
[2011/07/19 03:44:16 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{EB94F903-D648-46C1-AF03-003548D02D23}
[2011/07/18 11:46:49 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{318520E5-99E7-41B3-A24A-C11068417241}
[2011/07/17 23:46:08 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{E1878881-07C7-4D95-AF42-B9C1252DB61D}
[2011/07/17 11:45:19 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{D46F8AF8-AEE0-4936-9E6B-7BE8EE44FB12}
[2011/07/16 23:44:44 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{D241E1A6-87C5-4D69-8C37-8CA16F0CE87C}
[2011/07/16 11:44:10 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{60DA6946-5928-4500-9D59-40430B390509}
[2011/07/15 23:43:43 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{AE25125E-D138-4BFF-8649-FF760D7B381A}
[2011/07/15 01:48:08 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{177714B4-0CDF-48FC-8E1A-683283CA4701}
[2011/07/14 13:47:56 | 000,000,000 | ---D | C] -- D:\Users\Mirsad\AppData\Local\{82BE3DEC-267B-40C1-8A32-A5808F440168}
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/13 01:27:23 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011/08/13 01:02:06 | 000,718,352 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011/08/13 01:02:06 | 000,146,374 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011/08/13 00:59:57 | 000,001,109 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 00:59:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/13 00:59:41 | 000,851,658 | ---- | M] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/13 00:19:00 | 000,001,437 | ---- | M] () -- D:\Users\Mirsad-Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/13 00:11:30 | 000,000,917 | ---- | M] () -- D:\Users\Public\Desktop\Steam.lnk
[2011/08/13 00:11:30 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/08/11 20:53:56 | 000,013,424 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/11 20:53:56 | 000,013,424 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/11 20:44:08 | 3193,643,008 | -HS- | M] () -- D:\hiberfil.sys
[2011/08/09 22:23:13 | 000,420,143 | ---- | M] () -- D:\Users\Mirsad\Desktop\boredshit.jpg
[2011/08/03 14:32:28 | 000,051,222 | ---- | M] () -- D:\Users\Mirsad\AppData\Roaming\room_v3.dat
[2011/08/03 13:29:07 | 000,000,979 | ---- | M] () -- D:\Users\Mirsad-Administrator\Desktop\Garena.lnk
[2011/08/03 13:29:07 | 000,000,979 | ---- | M] () -- D:\Users\Mirsad\Desktop\Garena.lnk
[2011/08/03 13:29:07 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2011/08/03 13:14:09 | 000,059,585 | ---- | M] () -- D:\Windows\War3Unin.dat
[2011/08/03 13:14:09 | 000,001,956 | ---- | M] () -- D:\Users\Mirsad-Administrator\Desktop\Frozen Throne.lnk
[2011/08/03 13:14:09 | 000,001,956 | ---- | M] () -- D:\Users\Mirsad\Desktop\Frozen Throne.lnk
[2011/08/03 13:14:05 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- D:\Windows\War3Unin.exe
[2011/08/03 13:14:05 | 000,002,829 | ---- | M] () -- D:\Windows\War3Unin.pif
[2011/08/03 13:14:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2011/07/30 08:39:09 | 000,034,660 | ---- | M] () -- D:\Users\Mirsad\Desktop\mirsad1.jpg
[2011/07/29 13:09:46 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\konami
[2011/07/16 01:26:54 | 000,362,496 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wow64win.dll
[2011/07/16 01:26:53 | 000,243,200 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wow64.dll
[2011/07/16 01:26:53 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wow64cpu.dll
[2011/07/16 01:26:18 | 000,214,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\winsrv.dll
[2011/07/16 01:24:09 | 000,016,384 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ntvdm64.dll
[2011/07/16 01:21:32 | 001,162,240 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\kernel32.dll
[2011/07/16 01:21:32 | 000,422,400 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
[2011/07/16 01:17:46 | 000,338,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
[2011/07/16 01:04:54 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/07/16 01:04:54 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/07/16 00:36:09 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ntvdm64.dll
[2011/07/16 00:31:50 | 000,025,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\setup16.exe
[2011/07/16 00:30:29 | 000,005,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wow32.dll
[2011/07/16 00:19:58 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/07/15 22:26:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\instnm.exe
[2011/07/15 22:26:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\user.exe
[2011/07/15 22:21:47 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/07/15 22:21:47 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/15 22:21:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/15 22:21:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/13 00:59:57 | 000,001,109 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 00:19:00 | 000,001,437 | ---- | C] () -- D:\Users\Mirsad-Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/13 00:14:59 | 000,001,409 | ---- | C] () -- D:\Users\Mirsad-Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/08/13 00:14:33 | 000,001,443 | ---- | C] () -- D:\Users\Mirsad-Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/13 00:11:30 | 000,000,917 | ---- | C] () -- D:\Users\Public\Desktop\Steam.lnk
[2011/08/09 22:23:12 | 000,420,143 | ---- | C] () -- D:\Users\Mirsad\Desktop\boredshit.jpg
[2011/08/03 14:32:28 | 000,051,222 | ---- | C] () -- D:\Users\Mirsad\AppData\Roaming\room_v3.dat
[2011/08/03 13:29:07 | 000,000,979 | ---- | C] () -- D:\Users\Mirsad-Administrator\Desktop\Garena.lnk
[2011/08/03 13:29:07 | 000,000,979 | ---- | C] () -- D:\Users\Mirsad\Desktop\Garena.lnk
[2011/08/03 13:14:09 | 000,001,956 | ---- | C] () -- D:\Users\Mirsad-Administrator\Desktop\Frozen Throne.lnk
[2011/08/03 13:14:09 | 000,001,956 | ---- | C] () -- D:\Users\Mirsad\Desktop\Frozen Throne.lnk
[2011/08/02 15:31:14 | 000,059,585 | ---- | C] () -- D:\Windows\War3Unin.dat
[2011/08/02 15:31:13 | 000,002,829 | ---- | C] () -- D:\Windows\War3Unin.pif
[2011/07/30 08:39:09 | 000,034,660 | ---- | C] () -- D:\Users\Mirsad\Desktop\mirsad1.jpg
[2011/06/26 06:11:10 | 000,851,658 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/25 02:54:34 | 000,117,248 | ---- | C] () -- D:\Users\Mirsad\AppData\Local\ExJamDecompiler.exe
[2011/06/25 02:54:34 | 000,000,447 | ---- | C] () -- D:\Users\Mirsad\AppData\Local\Compiled3.lua
[2011/06/25 02:54:33 | 000,000,953 | ---- | C] () -- D:\Users\Mirsad\AppData\Local\Compiled3.bin
[2011/03/14 10:27:02 | 000,215,128 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.exe
[2011/03/14 10:26:58 | 002,434,856 | ---- | C] () -- D:\Windows\SysWow64\pbsvc_bc2.exe
[2011/03/14 10:26:58 | 000,075,064 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrA.exe
[2011/02/22 20:37:09 | 000,088,280 | -H-- | C] () -- D:\Windows\SysWow64\mlfcache.dat
[2011/01/18 13:59:53 | 000,000,262 | ---- | C] () -- D:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/01/14 10:29:18 | 000,106,496 | ---- | C] () -- D:\Windows\FixUVC.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/03/10 12:06:01 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Lite
[2011/03/10 12:04:09 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Pro
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/03/11 18:44:13 | 000,000,000 | ---D | M] -- D:\ProgramData\EA Core
[2011/03/11 18:44:12 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2011/01/14 10:23:54 | 000,000,000 | ---D | M] -- D:\ProgramData\ICQ
[2011/05/02 13:24:25 | 000,000,000 | ---D | M] -- D:\ProgramData\Media Get LLC
[2011/08/01 11:25:22 | 000,000,000 | ---D | M] -- D:\ProgramData\PMB Files
[2011/06/26 07:11:20 | 000,000,000 | ---D | M] -- D:\ProgramData\PreEmptive Solutions
[2011/06/02 23:13:04 | 000,000,000 | ---D | M] -- D:\ProgramData\RapidSolution
[2011/06/03 02:29:46 | 000,000,000 | ---D | M] -- D:\ProgramData\Screaming Bee
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/06/30 17:35:30 | 000,032,612 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

Alt 13.08.2011, 12:12   #2
Djokovic
 
Aus Sicherheitsgründen wurde Ihr Windows System blockiert. - Standard

Aus Sicherheitsgründen wurde Ihr Windows System blockiert.



Okay, hat sich erledigt, ich habe das Problem soweit auf eigene Faust gelöst.
Trotzdem danke.

SUPERAntiSpyware.com

- Download Portable Version
- Auf einen USB Stick ziehen
- In den abgesicherten Modus gehen
- Das Programm initialisieren und starten
- Kompletten Scan durchführen lassen (hat bei mir ca 45min. gedauert)

Das Programm hat die Malware gefunden, aus der registry den Eintrag gelöscht und die dazugehörigen files entsorgt.

Nach dem Neustart lief alles einwandfrei, zur Sicherheit habe ich noch Malwarebytes und andere Sicherheitstools laufen lassen, soweit nichts gefunden.

(habe sogar noch 2 andere trojaner auf meinem PC gefunden und entfernen können hehe )
Hoffe ich konnte euch jedenfalls ein wenig helfen.

Mit freundlichem Gruß



M. Djokovic
__________________


Antwort

Themen zu Aus Sicherheitsgründen wurde Ihr Windows System blockiert.
64-bit, aus sicherheitsgründen, autorun, bho, bingbar, blockiert, browser, defender, error, explorer, firefox, format, google, helper, infizierte, langs, logfile, mbamservice.exe, microsoft, nvidia, object, plug-in, reatogo, registry, scan, security, security scan, seiten, sicherheitsgründe, sicherheitsgründen, software, start menu, system, system blockiert, viren, warnung, webcheck, wieder herstellen, windows, windows system, windows system blockiert, wurde ihr




Ähnliche Themen: Aus Sicherheitsgründen wurde Ihr Windows System blockiert.


  1. Aus Sicherheitsgründen wurde ihr Windows System blockiert
    Log-Analyse und Auswertung - 15.04.2012 (32)
  2. Aus Sicherheitsgründen wurde ihr Windows System blockiert!
    Plagegeister aller Art und deren Bekämpfung - 10.02.2012 (36)
  3. Windows System wurde aus Sicherheitsgründen Blockiert!
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (1)
  4. Aus Sicherheitsgründen wurde ihr windows-system blockiert
    Plagegeister aller Art und deren Bekämpfung - 06.02.2012 (12)
  5. Aus Sicherheitsgründen wurde ihr Windows System blockiert...
    Plagegeister aller Art und deren Bekämpfung - 30.01.2012 (5)
  6. Aus Sicherheitsgründen wurde ihr Windows System blockiert!
    Log-Analyse und Auswertung - 30.01.2012 (20)
  7. Ihr Windows System wurde aus Sicherheitsgründen blockiert!
    Plagegeister aller Art und deren Bekämpfung - 25.01.2012 (71)
  8. Aus Sicherheitsgründen wurde Ihr Windows-System blockiert
    Log-Analyse und Auswertung - 02.01.2012 (1)
  9. Aus Sicherheitsgründen wurde ihr Windows-System blockiert
    Log-Analyse und Auswertung - 02.01.2012 (3)
  10. Aus Sicherheitsgründen wurde ihr Windows-System blockiert
    Plagegeister aller Art und deren Bekämpfung - 02.01.2012 (13)
  11. Pc wird blockiert: Aus Sicherheitsgründen wurde ihr Windows System blockiert.....
    Log-Analyse und Auswertung - 29.12.2011 (19)
  12. Aus Sicherheitsgründen wurde ihr Windows-System blockiert
    Plagegeister aller Art und deren Bekämpfung - 21.12.2011 (5)
  13. Aus Sicherheitsgründen wurde ihr Windows-System blockiert...
    Plagegeister aller Art und deren Bekämpfung - 20.12.2011 (8)
  14. Aus Sicherheitsgründen wurde ihr Windows-System blockiert...
    Plagegeister aller Art und deren Bekämpfung - 20.12.2011 (14)
  15. aus sicherheitsgründen wurde ihr windows system blockiert
    Plagegeister aller Art und deren Bekämpfung - 19.12.2011 (8)
  16. Aus Sicherheitsgründen wurde Ihr Windows System blockiert
    Log-Analyse und Auswertung - 17.12.2011 (1)
  17. Pc wird blockiert: Aus Sicherheitsgründen wurde ihr Windows System blockiert.....
    Plagegeister aller Art und deren Bekämpfung - 12.12.2011 (7)

Zum Thema Aus Sicherheitsgründen wurde Ihr Windows System blockiert. - Hallo Ihr Lieben, seit heute morgen springt nach dem Login meines Benutzerkontos ein rotes Fenster auf mit der Warnung: Achtung aus Sicherheitsgründen wurde ihr Windows System blockiert Durch das Besuchen - Aus Sicherheitsgründen wurde Ihr Windows System blockiert....
Archiv
Du betrachtest: Aus Sicherheitsgründen wurde Ihr Windows System blockiert. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.