Trojaner-Board

Rejono 14.02.2012 16:50

"Windows blocked for security reasons"!
 
Hello community.

As of today I also have this nasty virus. However, it behaves strangely for me.

First of all, I do not want to wipe my system!

So, yesterday I was listening to a song and looked at the lyrics. Then all of a sudden this virus appeared (the 50 euro virus). Of course, the first thing I did was press CTRL+ALT+DEL and click Restart, and I aborted the process so that I could access my desktop. After that I started the AVAST boot-time scan. Among other things, it reported Firefox as an infected file and also my keylogger, which is not a virus, though.

What is strange, however: when the computer starts, a file named "theo" (my own name) tries to open. I then disabled the autostart entry in TuneUp, and strangely the path was also at Firefox.exe. I have uninstalled Firefox for now (without bookmarks). And the file is somehow still there.

So, I can get to my desktop and everything, but something is still there, and Malwarebytes and Avast no longer find anything!

Regards

Rejono 14.02.2012 17:51

// Edit

Does the virus also stay active if I browse with Google Chrome?..

Chris4You 14.02.2012 17:54

Hi,

if you paid attention to the path of that Firefox, you will notice that it is not in the "program area" but in the data area... that is the disguised exe...

And yes, it also stays active when the real Firefox is uninstalled/deleted (it is started via a Run key)... but actually it should have been caught by Avast...

Therefore, please:
OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
  • Double-click OTL.exe
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created (OTL.TXT and EXTRAS.TXT)
  • Post the log files here in the thread

chris
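
The check described in the post above (a disguised firefox.exe in the data area, started from a Run key) can be automated by listing Run-key values and flagging executables that sit in user-writable data directories. This Python code is an added example, not part of the thread; the sample entries, the user name alice and the list of well-known program names are constructed assumptions, and the flags are triage hints rather than verdicts.

```python
import ntpath
import re
import sys

# Standard Windows autostart ("Run") keys.
RUN_KEYS = [
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"),
]
DATA_VARS = ("APPDATA", "LOCALAPPDATA", "TEMP", "PROGRAMDATA")
PROGRAM_VARS = ("PROGRAMFILES", "PROGRAMFILES(X86)", "SYSTEMROOT")
# Assumption: names that are normally installed in the program area only.
KNOWN_PROGRAMS = {"firefox.exe", "iexplore.exe", "explorer.exe", "svchost.exe"}

# Constructed sample data so the example runs offline on any OS.
SAMPLE_ENV = {
    "APPDATA": r"C:\Users\alice\AppData\Roaming",
    "LOCALAPPDATA": r"C:\Users\alice\AppData\Local",
    "TEMP": r"C:\Users\alice\AppData\Local\Temp",
    "PROGRAMDATA": r"C:\ProgramData",
    "PROGRAMFILES": r"C:\Program Files",
    "PROGRAMFILES(X86)": r"C:\Program Files (x86)",
    "SYSTEMROOT": r"C:\Windows",
}
SAMPLE_ENTRIES = [
    ("HKLM", "avast", r'"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui'),
    ("HKCU", "alice", r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\firefox.exe"),
    ("HKCU", "Updater", r"%LOCALAPPDATA%\Temp\upd.exe -s"),
    ("HKLM", "Firefox", r'"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"'),
]


def exe_path(command, env):
    """Extract the executable path from a Run value and expand %VAR% references."""
    command = command.strip()
    if not command:
        return ""
    if command.startswith('"'):
        end = command.find('"', 1)
        path = command[1:end] if end != -1 else command[1:]
    else:
        # Unquoted paths may contain spaces: cut after the first executable suffix.
        hit = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", command, re.I)
        path = hit.group(1) if hit else command.split()[0]
    path = re.sub(r"%([^%]+)%",
                  lambda v: env.get(v.group(1).upper(), v.group(0)), path)
    return ntpath.normpath(path)


def _roots(env, names):
    """Lower-cased directory prefixes (with trailing backslash) for the given variables."""
    return tuple(ntpath.normpath(env[n]).lower() + "\\" for n in names if n in env)


def classify(command, env):
    """Return (path, reasons); an empty reasons list means nothing stood out."""
    path = exe_path(command, env)
    low = path.lower()
    in_data = low.startswith(_roots(env, DATA_VARS))
    in_program = low.startswith(_roots(env, PROGRAM_VARS))
    reasons = []
    if in_data:
        reasons.append("executable in user-writable data area")
    if ntpath.basename(low) in KNOWN_PROGRAMS and not in_program:
        reasons.append("well-known program name outside the program area")
    return path, reasons


def triage(entries, env):
    """Keep only the Run entries that have at least one reason attached."""
    flagged = []
    for hive, name, command in entries:
        path, reasons = classify(command, env)
        if reasons:
            flagged.append((hive, name, path, reasons))
    return flagged


def read_run_entries():
    """Read the Run keys on a live Windows system; returns [] on other platforms."""
    if sys.platform != "win32":
        return []
    import winreg
    hives = {"HKCU": winreg.HKEY_CURRENT_USER, "HKLM": winreg.HKEY_LOCAL_MACHINE}
    entries = []
    for hive, subkey in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], subkey) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, value, _type = winreg.EnumValue(key, i)
                    entries.append((hive, name, str(value)))
        except OSError:
            continue  # key missing or not readable
    return entries


if __name__ == "__main__":
    import os
    live = read_run_entries()
    env = {k.upper(): v for k, v in os.environ.items()} if live else SAMPLE_ENV
    for hive, name, path, reasons in triage(live or SAMPLE_ENTRIES, env):
        print(f"{hive}\\...\\Run  {name!r} -> {path}")
        for reason in reasons:
            print(f"    - {reason}")
```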

Rejono 14.02.2012 18:12

Done, I did that ;)

Chris4You 14.02.2012 19:11

Hi,

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please start it via right-click and "Run as administrator".
  • Copy the complete contents of the following code box into the OTL box under "Custom Scan/Fixes"
http://oldtimer.geekstogo.com/OTL/OTL_Main_Tutorial.gif
Code:

:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Commands
[emptytemp]
[Reboot]

  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of an OTL fix log is saved in a text file in the following folder:
  • %systemroot%\_OTL

Malwarebytes Antimalware (MAM)
Instructions & download here: http://www.trojaner-board.de/51187-m...i-malware.html
If the download does not work, please download a generic version via this link:
http://filepony.de/download-chameleon/
After that, please update the signature files (tab "Updates" -> "Check for Updates")
Run a full scan and let it clean everything! Post the log.

chris

Rejono 14.02.2012 20:31

Hey,

I did both. Unfortunately I now have no log files, i.e. there is no %systemroot%\_OLT folder!..

And the report from Malwarebytes, well, it found nothing!

Chris4You 14.02.2012 20:42

Hi,

you will find the OTL log under C:\_OTL...
Are you sure that you ran a full scan...
Post the MAM log anyway...

chris

Rejono 14.02.2012 20:52

I can upload that file.

For the other one, the window here says invalid file type.. so here it is

Code:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mcx1-THEOHULOK-HP
->Temp folder emptied: 516 bytes
->Temporary Internet Files folder emptied: 192721 bytes
->Flash cache emptied: 41620 bytes
 
User: Public
 
User: Theo Hulok
->Temp folder emptied: 1416749 bytes
->Temporary Internet Files folder emptied: 31693376 bytes
->Java cache emptied: 55826813 bytes
->FireFox cache emptied: 57703719 bytes
->Flash cache emptied: 86973 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1618992 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 195942 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 17309811898 bytes
 
Total Files Cleaned = 16,650.00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02142012_193109

Files\Folders moved on Reboot...
C:\Users\Theo Hulok\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


The keylogger is not mine; it was once on a USB stick, and I had just copied everything over from it!

Chris4You 14.02.2012 21:26

Hi,

not a keylogger but a keygen...

Just the TDSS-Killer now, then we are done...
TDSS-Killer
Download and instructions at: How to combat malware of the Rootkit.Win32.TDSS family?
Extract all files into a separate directory (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
After it starts, a window appears; click "Start Scan" there.
When the scan is finished, please select "Report". A window opens; copy the text and post it here...

chris

Rejono 14.02.2012 21:35

Code:

21:33:14.0320 4440        TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
21:33:14.0565 4440        ============================================================
21:33:14.0565 4440        Current date / time: 2012/02/14 21:33:14.0565
21:33:14.0565 4440        SystemInfo:
21:33:14.0565 4440       
21:33:14.0565 4440        OS Version: 6.1.7601 ServicePack: 1.0
21:33:14.0565 4440        Product type: Workstation
21:33:14.0565 4440        ComputerName: THEOHULOK-HP
21:33:14.0565 4440        UserName: Theo Hulok
21:33:14.0565 4440        Windows directory: C:\Windows
21:33:14.0565 4440        System windows directory: C:\Windows
21:33:14.0565 4440        Running under WOW64
21:33:14.0565 4440        Processor architecture: Intel x64
21:33:14.0565 4440        Number of processors: 8
21:33:14.0565 4440        Page size: 0x1000
21:33:14.0565 4440        Boot type: Normal boot
21:33:14.0565 4440        ============================================================
21:33:14.0867 4440        Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:33:14.0871 4440        Drive \Device\Harddisk1\DR1 - Size: 0xF1000000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:33:14.0886 4440        \Device\Harddisk0\DR0:
21:33:14.0886 4440        MBR used
21:33:14.0886 4440        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:33:14.0886 4440        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72B5E800
21:33:14.0886 4440        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72B91000, BlocksNum 0x1B75000
21:33:14.0886 4440        \Device\Harddisk1\DR1:
21:33:14.0887 4440        MBR used
21:33:14.0888 4440        \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x7DC1, BlocksNum 0x77DE6A
21:33:14.0958 4440        Initialize success
21:33:14.0958 4440        ============================================================
21:33:18.0853 3412        ============================================================
21:33:18.0853 3412        Scan started
21:33:18.0853 3412        Mode: Manual;
21:33:18.0853 3412        ============================================================
21:33:25.0225 3412        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:33:25.0226 3412        pciide - ok
21:33:25.0245 3412        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:33:25.0248 3412        pcmcia - ok
21:33:25.0269 3412        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:33:25.0270 3412        pcw - ok
21:33:25.0305 3412        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:33:25.0311 3412        PEAUTH - ok
21:33:25.0375 3412        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:33:25.0376 3412        PptpMiniport - ok
21:33:25.0406 3412        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:33:25.0407 3412        Processor - ok
21:33:25.0449 3412        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:33:25.0451 3412        Psched - ok
21:33:25.0492 3412        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:33:25.0505 3412        ql2300 - ok
21:33:25.0527 3412        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:33:25.0529 3412        ql40xx - ok
21:33:25.0553 3412        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:33:25.0554 3412        QWAVEdrv - ok
21:33:25.0597 3412        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:33:25.0598 3412        RasAcd - ok
21:33:25.0629 3412        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:33:25.0630 3412        RasAgileVpn - ok
21:33:25.0649 3412        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:33:25.0651 3412        Rasl2tp - ok
21:33:25.0660 3412        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:33:25.0661 3412        RasPppoe - ok
21:33:25.0669 3412        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:33:25.0670 3412        RasSstp - ok
21:33:25.0687 3412        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:33:25.0690 3412        rdbss - ok
21:33:25.0709 3412        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:33:25.0709 3412        rdpbus - ok
21:33:25.0737 3412        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:33:25.0738 3412        RDPCDD - ok
21:33:25.0747 3412        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:33:25.0747 3412        RDPENCDD - ok
21:33:25.0756 3412        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:33:25.0756 3412        RDPREFMP - ok
21:33:25.0774 3412        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:33:25.0776 3412        RDPWD - ok
21:33:25.0805 3412        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:33:25.0808 3412        rdyboost - ok
21:33:25.0895 3412        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:33:25.0896 3412        rspndr - ok
21:33:25.0915 3412        RTCore64        (2e887e52e45bba3c47ccd0e75fc5266f) C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
21:33:25.0915 3412        RTCore64 - ok
21:33:25.0952 3412        RTL8167        (b15c021c2c9bb217a799d9532e8f04d4) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:33:25.0954 3412        RTL8167 - ok
21:33:25.0987 3412        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:33:25.0989 3412        sbp2port - ok
21:33:26.0029 3412        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:33:26.0030 3412        scfilter - ok
21:33:26.0051 3412        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:33:26.0051 3412        secdrv - ok
21:33:26.0111 3412        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:33:26.0112 3412        Serenum - ok
21:33:26.0155 3412        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:33:26.0156 3412        Serial - ok
21:33:26.0176 3412        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:33:26.0177 3412        sermouse - ok
21:33:26.0194 3412        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:33:26.0195 3412        sffdisk - ok
21:33:26.0205 3412        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:33:26.0206 3412        sffp_mmc - ok
21:33:26.0234 3412        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:33:26.0235 3412        sffp_sd - ok
21:33:26.0250 3412        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:33:26.0251 3412        sfloppy - ok
21:33:26.0266 3412        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:33:26.0267 3412        SiSRaid2 - ok
21:33:26.0284 3412        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:33:26.0285 3412        SiSRaid4 - ok
21:33:26.0318 3412        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:33:26.0319 3412        Smb - ok
21:33:26.0352 3412        speedfan - ok
21:33:26.0397 3412        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:33:26.0397 3412        spldr - ok
21:33:26.0418 3412        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:33:26.0422 3412        srv - ok
21:33:26.0433 3412        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:33:26.0437 3412        srv2 - ok
21:33:26.0445 3412        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:33:26.0447 3412        srvnet - ok
21:33:26.0464 3412        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:33:26.0465 3412        stexstor - ok
21:33:26.0500 3412        STHDA          (84311d693857d5ae2e397b43c91f7b41) C:\Windows\system32\DRIVERS\stwrt64.sys
21:33:26.0505 3412        STHDA - ok
21:33:26.0576 3412        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:33:26.0576 3412        swenum - ok
21:33:26.0665 3412        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:33:26.0690 3412        Tcpip - ok
21:33:26.0740 3412        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:33:26.0747 3412        TCPIP6 - ok
21:33:26.0769 3412        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:33:26.0770 3412        tcpipreg - ok
21:33:26.0796 3412        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:33:26.0797 3412        TDPIPE - ok
21:33:26.0816 3412        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:33:26.0817 3412        TDTCP - ok
21:33:26.0847 3412        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:33:26.0849 3412        tdx - ok
21:33:26.0947 3412        TelekomNM6      (4283d7125ba4bd0cb50bb0f78b54257a) C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
21:33:26.0947 3412        TelekomNM6 - ok
21:33:26.0991 3412        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:33:26.0992 3412        TermDD - ok
21:33:27.0031 3412        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:33:27.0032 3412        tssecsrv - ok
21:33:27.0059 3412        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:33:27.0060 3412        TsUsbFlt - ok
21:33:27.0148 3412        TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
21:33:27.0149 3412        TuneUpUtilitiesDrv - ok
21:33:27.0176 3412        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:33:27.0177 3412        tunnel - ok
21:33:27.0211 3412        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:33:27.0212 3412        uagp35 - ok
21:33:27.0274 3412        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:33:27.0277 3412        udfs - ok
21:33:27.0323 3412        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:33:27.0324 3412        uliagpkx - ok
21:33:27.0354 3412        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:33:27.0355 3412        umbus - ok
21:33:27.0380 3412        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:33:27.0381 3412        UmPass - ok
21:33:27.0411 3412        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:33:27.0413 3412        usbccgp - ok
21:33:27.0455 3412        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:33:27.0457 3412        usbcir - ok
21:33:27.0488 3412        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:33:27.0489 3412        usbehci - ok
21:33:27.0506 3412        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:33:27.0509 3412        usbhub - ok
21:33:27.0566 3412        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:33:27.0567 3412        usbohci - ok
21:33:27.0604 3412        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:33:27.0605 3412        usbprint - ok
21:33:27.0631 3412        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:33:27.0633 3412        USBSTOR - ok
21:33:27.0657 3412        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:33:27.0658 3412        usbuhci - ok
21:33:27.0694 3412        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:33:27.0695 3412        vdrvroot - ok
21:33:27.0720 3412        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:33:27.0721 3412        vga - ok
21:33:27.0743 3412        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:33:27.0744 3412        VgaSave - ok
21:33:27.0776 3412        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:33:27.0779 3412        vhdmp - ok
21:33:27.0845 3412        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:33:27.0846 3412        viaide - ok
21:33:27.0862 3412        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:33:27.0863 3412        volmgr - ok
21:33:27.0898 3412        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:33:27.0906 3412        volmgrx - ok
21:33:27.0928 3412        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:33:27.0930 3412        volsnap - ok
21:33:27.0957 3412        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:33:27.0959 3412        vsmraid - ok
21:33:27.0982 3412        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:33:27.0983 3412        vwifibus - ok
21:33:28.0007 3412        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:33:28.0008 3412        WacomPen - ok
21:33:28.0024 3412        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:33:28.0025 3412        WANARP - ok
21:33:28.0028 3412        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:33:28.0028 3412        Wanarpv6 - ok
21:33:28.0044 3412        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:33:28.0045 3412        Wd - ok
21:33:28.0076 3412        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:33:28.0082 3412        Wdf01000 - ok
21:33:28.0095 3412        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:33:28.0096 3412        WfpLwf - ok
21:33:28.0112 3412        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:33:28.0113 3412        WIMMount - ok
21:33:28.0134 3412        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:33:28.0135 3412        WmiAcpi - ok
21:33:28.0176 3412        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:33:28.0177 3412        ws2ifsl - ok
21:33:28.0203 3412        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:33:28.0205 3412        WudfPf - ok
21:33:28.0235 3412        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:33:28.0237 3412        WUDFRd - ok
21:33:28.0278 3412        xusb21          (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
21:33:28.0279 3412        xusb21 - ok
21:33:28.0300 3412        MBR (0x1B8)    (bc669f027047c32c69b6fbb2d8465732) \Device\Harddisk0\DR0
21:33:28.0519 3412        \Device\Harddisk0\DR0 - ok
21:33:28.0521 3412        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
21:33:28.0524 3412        \Device\Harddisk1\DR1 - ok
21:33:28.0525 3412        Boot (0x1200)  (8af0f085c791597c223787bbce53f63d) \Device\Harddisk0\DR0\Partition0
21:33:28.0526 3412        \Device\Harddisk0\DR0\Partition0 - ok
21:33:28.0531 3412        Boot (0x1200)  (921fceb1585ec59705ed48d12ed79b7c) \Device\Harddisk0\DR0\Partition1
21:33:28.0532 3412        \Device\Harddisk0\DR0\Partition1 - ok
21:33:28.0564 3412        Boot (0x1200)  (30af39d2297bb131742fc24f11bb3300) \Device\Harddisk0\DR0\Partition2
21:33:28.0565 3412        \Device\Harddisk0\DR0\Partition2 - ok
21:33:28.0567 3412        Boot (0x1200)  (26a1bf9f1cd32419ce13dd95dc36ac3e) \Device\Harddisk1\DR1\Partition0
21:33:28.0567 3412        \Device\Harddisk1\DR1\Partition0 - ok
21:33:28.0567 3412        ============================================================
21:33:28.0567 3412        Scan finished
21:33:28.0567 3412        ============================================================
21:33:28.0572 5380        Detected object count: 0
21:33:28.0572 5380        Actual detected object count: 0


There you go.

I just wanted to add that the file "theo" is still shown in TuneUp.

Regards

Chris4You 14.02.2012 21:59

Hi,

What exactly does TuneUp show you?

chris

Rejono 14.02.2012 22:02

I took a screenshot for you! ;)

And thanks for everything!

Chris4You 14.02.2012 22:05

Hi,

That's bad, it's the "fake" Firefox again...

Please post a new OTL log...

chris

Rejono 14.02.2012 22:13

Code:

OTL logfile created on: 2/14/2012 10:09:47 PM - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Theo Hulok\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5.98 Gb Total Physical Memory | 3.81 Gb Available Physical Memory | 63.75% Memory free
11.96 Gb Paging File | 9.40 Gb Available in Paging File | 78.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.68 Gb Total Space | 630.92 Gb Free Space | 68.75% Space Free | Partition Type: NTFS
Drive D: | 13.73 Gb Total Space | 1.69 Gb Free Space | 12.33% Space Free | Partition Type: NTFS
Drive J: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.59% Space Free | Partition Type: FAT32
 
Computer Name: THEOHULOK-HP | User Name: Theo Hulok | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/02/14 18:01:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theo Hulok\Desktop\OTL.exe
PRC - [2012/02/08 21:31:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/07 13:18:30 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/01/17 20:18:44 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/02 21:05:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/12/30 11:27:34 | 000,074,752 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/10/17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/08/02 10:21:01 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\steam\Steam.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/01/17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/10/05 15:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 15:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/09/28 16:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/04/23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/05/09 00:39:48 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
PRC - [2009/05/09 00:11:00 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
PRC - [2009/02/28 03:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/02/14 16:27:14 | 014,415,144 | ---- | M] () -- C:\steam\bin\libcef.dll
MOD - [2012/02/14 16:27:12 | 000,914,216 | ---- | M] () -- C:\steam\bin\avcodec-52.dll
MOD - [2012/02/14 16:27:12 | 000,857,896 | ---- | M] () -- C:\steam\bin\chromehtml.dll
MOD - [2012/02/14 16:27:12 | 000,155,432 | ---- | M] () -- C:\steam\bin\avformat-52.dll
MOD - [2012/02/14 16:27:12 | 000,091,432 | ---- | M] () -- C:\steam\bin\avutil-50.dll
MOD - [2012/02/08 21:31:09 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/12 16:06:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2011/12/26 13:19:50 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f14466471a19a329eccf40839aa72cc4\IAStorUtil.ni.dll
MOD - [2011/12/26 13:19:50 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\056e417666352c7a702530d8a2770e30\IAStorCommon.ni.dll
MOD - [2011/11/11 19:04:41 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/14 11:41:13 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/14 11:41:09 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/14 11:41:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/14 11:40:59 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/14 11:40:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/14 11:40:56 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/14 11:40:52 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/08/02 22:14:19 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/08/02 22:14:19 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011/04/24 13:05:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/02/28 03:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
MOD - [2009/02/20 01:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/12/14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/12/06 04:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/11/28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/24 15:48:52 | 002,404,864 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV:64bit: - [2010/09/27 21:10:00 | 000,270,336 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2010/08/06 03:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/01 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/02/07 13:18:30 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/02 21:05:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/12/30 11:27:34 | 000,074,752 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2011/12/14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/05 15:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/05 15:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/09/28 16:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/12/24 21:24:40 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/12/24 21:24:40 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/12/06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/12/06 03:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/11/28 18:54:44 | 000,140,120 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 18:53:28 | 000,258,392 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/10/17 18:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/06 21:10:01 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/27 21:10:00 | 000,517,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/09/21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/09/16 16:02:59 | 000,045,664 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys -- (TelekomNM6)
DRV:64bit: - [2010/09/03 07:59:26 | 000,349,800 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/03/01 23:59:50 | 000,024,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cpqdfw.sys -- (CpqDfw)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011/11/08 12:47:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/03/18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010/05/27 01:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/04 15:19:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/14 18:53:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/07/28 21:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Extensions
[2012/02/08 18:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Firefox\Profiles\xrewpnjf.default\extensions
[2012/02/07 21:00:03 | 000,000,000 | ---D | M] (Spam Free Search Bar) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Firefox\Profiles\xrewpnjf.default\extensions\{00f12770-e60e-4dc6-9105-425bface7c73}
[2012/02/08 18:52:42 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Theo Hulok\AppData\Roaming\mozilla\Firefox\Profiles\xrewpnjf.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2012/02/14 18:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/08 21:31:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/08 18:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/02/08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/08 18:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/08 18:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/08 18:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/08 18:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll (Visicom Media)
O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Steam] C:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Theo Hulok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A009DB9D-AD45-4A89-A873-CD05A71ED2A9}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) -  File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/14 21:31:39 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2012/02/14 19:31:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/14 18:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/02/14 18:52:59 | 015,640,448 | ---- | C] (Mozilla) -- C:\Users\Theo Hulok\Desktop\Firefox_Setup_10.0.1.exe
[2012/02/14 18:03:23 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Theo Hulok\Desktop\OTL.exe
[2012/02/13 23:21:17 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Roaming\Malwarebytes
[2012/02/13 23:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/13 23:21:12 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/13 23:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/13 23:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/13 23:19:17 | 009,502,424 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Theo Hulok\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/09 16:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/02/09 16:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/02/07 21:00:08 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Local\blekkotb
[2012/02/07 21:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Anti-phishing Domain Advisor
[2012/02/07 21:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\blekkotb
[2012/02/06 17:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/02/06 17:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/02/06 17:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/02/06 17:02:41 | 000,000,000 | ---D | C] -- C:\AMD
[2012/02/03 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace of Spades
[2012/02/03 16:14:21 | 000,000,000 | ---D | C] -- C:\Ace of Spades
[2012/01/31 16:27:33 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/31 16:27:33 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/31 16:27:33 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/31 16:27:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/31 16:27:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/31 16:27:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/30 19:12:43 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\Desktop\Minecraft Server
[2012/01/26 20:23:05 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\Documents\GUILD WARS
[2012/01/26 20:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GUILD WARS
[2012/01/26 20:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GUILD WARS
[2012/01/26 19:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/01/26 19:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Bridge CS5.1
[2012/01/26 19:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Encoder CS5.5
[2012/01/26 19:42:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Device Central CS5.5
[2012/01/26 19:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/01/26 19:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe After Effects CS5.5
[2012/01/26 19:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/01/26 19:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Extension Manager CS5.5
[2012/01/26 19:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/01/26 16:35:31 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/01/26 16:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012/01/19 18:58:08 | 000,000,000 | ---D | C] -- C:\Users\Theo Hulok\AppData\Roaming\Sony Creative Software Inc
[2012/01/17 20:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012/01/17 20:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012/01/17 20:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012/01/17 18:31:37 | 219,499,888 | ---- | C] (Sony Creative Software Inc.) -- C:\Users\Theo Hulok\Desktop\vegaspro11.0.511_64bit.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/14 22:01:19 | 000,057,177 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\5555.JPG
[2012/02/14 21:30:13 | 002,042,462 | ---- | M] () -- C:\tdsskiller.zip
[2012/02/14 20:33:39 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 20:33:39 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 20:24:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/14 20:24:50 | 523,132,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/14 19:00:56 | 002,340,875 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\IMG_5131.JPG
[2012/02/14 18:53:38 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/14 18:06:09 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/14 18:06:09 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/02/14 18:06:09 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/14 18:06:09 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/02/14 18:06:09 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/14 18:01:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theo Hulok\Desktop\OTL.exe
[2012/02/14 16:32:58 | 015,640,448 | ---- | M] (Mozilla) -- C:\Users\Theo Hulok\Desktop\Firefox_Setup_10.0.1.exe
[2012/02/13 23:21:13 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/13 23:20:28 | 009,502,424 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Theo Hulok\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/12 13:49:43 | 000,758,236 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\michi.jpg
[2012/02/11 19:44:28 | 000,003,372 | ---- | M] () -- C:\Users\Theo Hulok\.recently-used.xbel
[2012/02/11 14:02:09 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/02/11 14:02:09 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/02/11 14:01:41 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/02/10 16:33:56 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTheo Hulok.job
[2012/02/09 22:36:00 | 000,234,990 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\175604_100905299989245_100002093251996_6070_6316198_o.jpg
[2012/02/09 16:04:45 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/02/08 21:10:57 | 000,646,255 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Bild010 (1).jpg
[2012/02/07 21:11:18 | 000,000,858 | ---- | M] () -- C:\Windows\SysWow64\runrefog.lnk
[2012/02/06 22:02:53 | 000,018,400 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Unbenannt 2.odt
[2012/02/05 12:14:50 | 000,078,144 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Unbenannt.JPG
[2012/02/03 18:21:39 | 000,091,541 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\1290.jpg
[2012/02/02 20:49:13 | 003,870,904 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012/01/28 12:16:55 | 000,090,254 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\anti acta.jpg
[2012/01/28 12:13:55 | 001,038,701 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\logostoppacta.pdf
[2012/01/27 12:09:00 | 004,868,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/01/25 22:05:16 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTHEOHULOK-HP$.job
[2012/01/19 18:57:57 | 000,029,136 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\Ohne Titel.veg
[2012/01/18 21:47:11 | 003,844,545 | ---- | M] () -- C:\Users\Theo Hulok\Desktop\CityRoutineByPapafiotmusicInFlStudio_5481.mp3
[2012/01/17 19:00:28 | 219,499,888 | ---- | M] (Sony Creative Software Inc.) -- C:\Users\Theo Hulok\Desktop\vegaspro11.0.511_64bit.exe
 
========== Files Created - No Company Name ==========
 
[2012/02/14 22:01:19 | 000,057,177 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\5555.JPG
[2012/02/14 21:30:11 | 002,042,462 | ---- | C] () -- C:\tdsskiller.zip
[2012/02/14 19:00:42 | 002,340,875 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\IMG_5131.JPG
[2012/02/14 18:53:38 | 000,001,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/14 18:53:38 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/13 23:21:13 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/12 13:49:43 | 000,758,236 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\michi.jpg
[2012/02/11 19:44:28 | 000,003,372 | ---- | C] () -- C:\Users\Theo Hulok\.recently-used.xbel
[2012/02/09 22:35:58 | 000,234,990 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\175604_100905299989245_100002093251996_6070_6316198_o.jpg
[2012/02/08 21:10:39 | 000,646,255 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Bild010 (1).jpg
[2012/02/07 21:11:18 | 000,000,858 | ---- | C] () -- C:\Windows\SysWow64\runrefog.lnk
[2012/02/06 21:30:40 | 007,134,943 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Film.wmv
[2012/02/06 19:13:49 | 000,018,400 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Unbenannt 2.odt
[2012/02/05 12:14:49 | 000,078,144 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Unbenannt.JPG
[2012/02/03 18:21:39 | 000,091,541 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\1290.jpg
[2012/02/02 20:47:51 | 003,870,904 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012/01/28 12:16:55 | 000,090,254 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\anti acta.jpg
[2012/01/28 12:13:54 | 001,038,701 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\logostoppacta.pdf
[2012/01/26 19:44:22 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS5.5.lnk
[2012/01/26 19:43:33 | 000,001,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2012/01/26 19:43:23 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk
[2012/01/26 19:42:52 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012/01/26 19:42:43 | 000,001,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit 2.6.lnk
[2012/01/26 19:41:58 | 000,001,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012/01/26 19:41:54 | 000,001,517 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012/01/26 16:35:30 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/01/19 18:57:57 | 000,029,136 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\Ohne Titel.veg
[2012/01/18 21:45:11 | 003,844,545 | ---- | C] () -- C:\Users\Theo Hulok\Desktop\CityRoutineByPapafiotmusicInFlStudio_5481.mp3
[2011/12/05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/12/05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/11/17 19:49:40 | 000,000,054 | ---- | C] () -- C:\Users\Theo Hulok\AppData\Roaming\updater.cfg
[2011/11/10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/30 18:45:19 | 000,001,854 | ---- | C] () -- C:\Users\Theo Hulok\AppData\Roaming\GhostObjGAFix.xml
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/25 15:30:56 | 004,131,328 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2011/09/21 07:01:46 | 004,070,912 | ---- | C] () -- C:\Windows\SysWow64\PhotoLooksRenderer.dll
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/08 12:18:32 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/08/30 19:29:46 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/08/30 19:29:44 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/08/30 19:29:44 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/08/07 11:09:44 | 000,000,025 | ---- | C] () -- C:\Windows\CDE D78DEFGIPS.ini
[2011/08/01 13:47:44 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/07/28 19:38:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/24 12:36:54 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/04/24 12:26:14 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/04/24 12:21:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/21 18:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/09/30 01:00:00 | 000,043,873 | R--- | C] () -- C:\Windows\SysWow64\EPSUI64W_000.dat

< End of report >


But the file was already there the whole time :/

Chris4You 14.02.2012 22:26

Hi,

OTL only shows the real EXE... It should be listed in the Run block, but it isn't...

Please check that with Autoruns...

chris


All times are WET +1.
