Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PC gesperrt, weißer Bildschirm

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.06.2013, 09:02   #1
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Hallo,

gestern beim surfen im Internet wurde mir angezeigt, dass mein PC gesperrt sei. Seitdem ist beim Hochfahren meines Laptops nur noch ein weißer Bildschirm zu sehen. Nach einigen recherchen bin ich nun davon überzeugt, mir einen Trojaner eingefangen zu haben und hoffe, ihr könnt mir helfen.

Viele Grüße und danke im voraus,
Nora_x

Alt 12.06.2013, 09:06   #2
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm





Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.


Lade OTLpe Download OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD


Bebilderte Anleitung: OTLpe-Scan
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.txt und Extras.txt.
__________________

__________________

Alt 12.06.2013, 09:09   #3
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Ich habe eine OTLP CD erstellt. Als ich meinen PC neu starten wollte mit eingelegter CD kann ich nun wie gewohnt alles sehen. Ist es möglich in diesem Zustand wichtige Daten (Textdateien) auf einen USB zu speichern oder infiziere ich damit nur alles?
__________________

Alt 12.06.2013, 09:22   #4
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Wir koennen den PC entsperren und saubermachen.

Folge den Schritten. Danach kannst du alles "sicher" sichern falls du dennoch formatieren willst.
__________________
Mfg, t'john
Das TB unterstützen

Alt 12.06.2013, 09:34   #5
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



jetzt erscheint ein blue screen:

a problem has been detected and windows has been shut down to prevent damage.

[...]
run CHKDSK/ F to check for har drive corruption, and then restart your computer.

technical information:

***stop: 0x0000007B (0xF78DA528, 0xC0000034, 0x000000000, 0x000000000)


Und jetzt?


Ich habe windows 7.


Alt 12.06.2013, 09:40   #6
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Bitte im BIOS unter den SATA-Einstellungen von AHCI auf IDE/ATA umstellen.
__________________
--> PC gesperrt, weißer Bildschirm

Alt 12.06.2013, 10:05   #7
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 6/12/2013 12:57:04 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.60 Mb Free Space | 75.60% Space Free | Partition Type: NTFS
Drive D: | 46.37 Gb Total Space | 6.66 Gb Free Space | 14.36% Space Free | Partition Type: NTFS
Drive E: | 418.21 Gb Total Space | 398.74 Gb Free Space | 95.34% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/12/14 13:04:56 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto] -- D:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/28 10:27:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 15:36:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/03 06:09:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/06/03 06:09:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/19 17:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand] -- D:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2010/12/13 18:59:28 | 000,703,856 | ---- | M] (Egis Technology Inc. ) [Auto] -- D:\Program Files (x86)\EgisTec BioExcess\EgisService.exe -- (EgisTec Service)
SRV - [2010/12/13 18:58:32 | 000,650,096 | ---- | M] (Egis Technology Inc. ) [Auto] -- D:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/11/18 07:09:24 | 000,330,696 | ---- | M] () [Auto] -- D:\Program Files (x86)\Verbindungsassistent\WTGService.exe -- (WTGService)
SRV - [2010/10/05 09:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/05 09:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/09/13 13:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/06/03 06:09:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/06/03 06:09:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/19 17:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/25 04:07:01 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/12/25 04:07:01 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/12/23 15:36:25 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot] -- D:\Windows\System32\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011/12/23 15:36:23 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011/12/23 15:35:08 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011/12/23 15:35:08 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System] -- D:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011/12/23 15:35:08 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011/12/15 10:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2010/11/24 06:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/31 05:36:56 | 000,035,952 | ---- | M] (Egis Technology Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2010/10/21 06:05:22 | 000,228,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2010/10/14 12:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/09/20 21:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/08/16 05:28:50 | 000,008,320 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vmuvcflt.sys -- (vmuvcflt)
DRV:64bit: - [2010/08/03 06:43:14 | 000,290,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/05/30 23:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/21 09:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV - [2011/12/25 04:07:01 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/12/25 04:07:01 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\jule_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\jule_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\jule_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 24 D8 CF DD 52 CE 01  [binary data]
IE - HKU\jule_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\EgisTec BioExcess\FFExt [2011/12/23 15:34:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/12/25 04:14:07 | 000,000,000 | ---D | M] (No name found) -- D:\Users\jule\AppData\Roaming\Mozilla\Extensions
[2012/12/11 13:02:13 | 000,000,000 | ---D | M] (No name found) -- D:\Users\jule\AppData\Roaming\Mozilla\Firefox\Profiles\or8qb57p.default\extensions
[2013/05/28 10:27:18 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/28 10:27:18 | 000,000,000 | ---D | M] (Default) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- 
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - D:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll (Egis Technology Inc.)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - D:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O4:64bit: - HKLM..\Run: [Energy Management] D:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] D:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] D:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [331BigDog] D:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] D:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] D:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] D:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] D:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: D:\Users\jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.0.10 10.2.0.130
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\jule_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\jule_ON_D Winlogon: Shell - (C:\Users\jule\AppData\Roaming\skype.dat) - D:\Users\jule\AppData\Roaming\skype.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{02a3bef3-a647-11e1-a2a0-e4d53dcdd4da}\Shell - "" = AutoRun
O33 - MountPoints2\{02a3bef3-a647-11e1-a2a0-e4d53dcdd4da}\Shell\AutoRun\command - "" = F:\CD_Start.exe
O33 - MountPoints2\{188fe40b-9b78-11e2-a26f-e4d53dcdd4da}\Shell - "" = AutoRun
O33 - MountPoints2\{188fe40b-9b78-11e2-a26f-e4d53dcdd4da}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{36b7e825-3ecf-11e1-bccb-f0def1aa984c}\Shell - "" = AutoRun
O33 - MountPoints2\{36b7e825-3ecf-11e1-bccb-f0def1aa984c}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{b2290972-2ece-11e1-a51c-f0def1aa984c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2290972-2ece-11e1-a51c-f0def1aa984c}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{b2290983-2ece-11e1-a51c-f0def1aa984c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2290983-2ece-11e1-a51c-f0def1aa984c}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/10 16:34:41 | 000,526,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/06/10 16:34:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/06/10 16:34:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/06/10 16:34:40 | 000,603,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/06/10 16:34:40 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/06/10 16:34:40 | 000,136,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/06/10 16:34:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/06/10 16:34:40 | 000,089,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/10 16:34:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/10 16:34:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/06/10 16:34:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/06/10 16:34:40 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/06/10 16:34:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/06/10 16:34:38 | 000,855,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/06/10 16:34:38 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/06/10 16:34:37 | 003,958,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/06/10 16:34:37 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/06/10 12:40:36 | 000,000,000 | ---D | C] -- D:\Users\jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/06/10 12:40:23 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013/06/10 12:39:26 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Games
[2013/05/29 02:17:47 | 001,441,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/05/29 02:17:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/05/29 02:17:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/05/29 02:17:47 | 001,054,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/05/29 02:17:47 | 000,719,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/29 02:17:47 | 000,629,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/05/29 02:17:47 | 000,452,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/05/29 02:17:47 | 000,441,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/05/29 02:17:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/05/29 02:17:47 | 000,357,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/05/29 02:17:47 | 000,281,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/05/29 02:17:47 | 000,232,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/05/29 02:17:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/05/29 02:17:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/05/29 02:17:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/05/29 02:17:47 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/05/29 02:17:47 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/05/29 02:17:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/05/29 02:17:47 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/05/29 02:17:47 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/05/29 02:17:47 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/05/29 02:17:47 | 000,137,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/05/29 02:17:47 | 000,125,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/05/29 02:17:47 | 000,117,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/05/29 02:17:47 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/05/29 02:17:47 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/05/29 02:17:47 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/05/29 02:17:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/29 02:17:47 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/05/29 02:17:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/05/29 02:17:47 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/05/29 02:17:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/05/29 02:17:47 | 000,038,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/05/29 02:17:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/05/29 02:17:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/05/29 02:17:46 | 001,509,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/05/29 02:17:46 | 000,905,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/05/29 02:17:46 | 000,762,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/05/29 02:17:46 | 000,599,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/05/29 02:17:46 | 000,235,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/05/29 02:17:46 | 000,173,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/05/29 02:17:46 | 000,167,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/05/29 02:17:46 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/05/29 02:17:46 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/05/29 02:17:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/05/29 02:17:46 | 000,135,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/05/29 02:17:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/05/29 02:17:46 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/05/29 02:17:46 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/05/29 02:17:46 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/05/29 02:17:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/05/29 02:17:46 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/05/29 02:17:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/05/29 02:17:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/05/29 02:17:46 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/05/29 02:17:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/05/29 02:17:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/05/29 02:16:53 | 003,928,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/05/29 02:16:53 | 003,419,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/05/29 02:16:53 | 002,776,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/05/29 02:16:53 | 002,284,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 001,988,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/05/29 02:16:53 | 001,887,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/05/29 02:16:53 | 001,682,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/05/29 02:16:53 | 001,643,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/05/29 02:16:53 | 001,504,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/05/29 02:16:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/05/29 02:16:53 | 001,247,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/05/29 02:16:53 | 001,238,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/05/29 02:16:53 | 001,158,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/05/29 02:16:53 | 001,080,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/05/29 02:16:53 | 000,648,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/05/29 02:16:53 | 000,604,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/05/29 02:16:53 | 000,522,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,465,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/05/29 02:16:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/05/29 02:16:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,363,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/05/29 02:16:53 | 000,333,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/05/29 02:16:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/05/29 02:16:53 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,245,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/05/29 02:16:53 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/05/29 02:16:53 | 000,207,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,194,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/05/29 02:16:53 | 000,187,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/05/29 02:16:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/28 10:45:08 | 000,000,000 | ---D | C] -- D:\Users\jule\Documents\Bewerbung DIE - Kopie
[2013/05/28 10:27:10 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
[2013/05/17 07:08:32 | 000,000,000 | ---D | C] -- D:\Users\jule\Desktop\Neuer Ordner (2)
[2013/05/16 06:05:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\DVDVideoSoft
[2013/05/16 06:05:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/05/15 13:18:23 | 000,265,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\dxgmms1.sys
[2013/05/15 13:18:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cdd.dll
[2013/05/15 13:18:13 | 001,930,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\authui.dll
[2013/05/15 13:18:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shdocvw.dll
[2013/05/15 13:18:12 | 001,796,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\authui.dll
[2013/05/15 13:18:12 | 000,111,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\consent.exe
[2013/05/15 13:18:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wwanprotdim.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/12 05:43:30 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/06/12 05:43:25 | 000,196,608 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2013/06/12 05:43:08 | 000,000,004 | ---- | M] () -- D:\Users\jule\AppData\Roaming\skype.ini
[2013/06/12 05:42:37 | 000,000,262 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2013/06/12 05:42:24 | 3153,702,912 | -HS- | M] () -- D:\hiberfil.sys
[2013/06/12 04:11:43 | 000,026,544 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/12 04:11:43 | 000,026,544 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/12 04:10:44 | 000,697,082 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2013/06/12 04:10:44 | 000,652,360 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/06/12 04:10:44 | 000,148,346 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2013/06/12 04:10:44 | 000,121,292 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/06/11 13:36:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/11 04:31:49 | 000,428,824 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/06/10 12:40:23 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013/06/08 11:00:13 | 000,120,198 | ---- | M] () -- D:\Users\jule\Desktop\dobischat fischell rosendahl.pdf
[2013/06/03 04:25:03 | 000,001,047 | ---- | M] () -- D:\Users\jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/06/03 04:24:56 | 000,001,013 | ---- | M] () -- D:\Users\jule\Desktop\Dropbox.lnk
[2013/05/29 02:17:47 | 001,441,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/05/29 02:17:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/05/29 02:17:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/05/29 02:17:47 | 001,054,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/05/29 02:17:47 | 000,719,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/29 02:17:47 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/05/29 02:17:47 | 000,452,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/05/29 02:17:47 | 000,441,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/05/29 02:17:47 | 000,361,984 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/05/29 02:17:47 | 000,357,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/05/29 02:17:47 | 000,281,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/05/29 02:17:47 | 000,232,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/05/29 02:17:47 | 000,226,816 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/05/29 02:17:47 | 000,226,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/05/29 02:17:47 | 000,216,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/05/29 02:17:47 | 000,197,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/05/29 02:17:47 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/05/29 02:17:47 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/05/29 02:17:47 | 000,158,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/05/29 02:17:47 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/05/29 02:17:47 | 000,138,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/05/29 02:17:47 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/05/29 02:17:47 | 000,125,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/05/29 02:17:47 | 000,117,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/05/29 02:17:47 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/05/29 02:17:47 | 000,082,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/05/29 02:17:47 | 000,079,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/05/29 02:17:47 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/29 02:17:47 | 000,069,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/05/29 02:17:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/05/29 02:17:47 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/05/29 02:17:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/05/29 02:17:47 | 000,038,400 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/05/29 02:17:47 | 000,025,185 | ---- | M] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/05/29 02:17:47 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/05/29 02:17:47 | 000,011,776 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/05/29 02:17:46 | 001,509,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/05/29 02:17:46 | 000,905,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/05/29 02:17:46 | 000,762,368 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/05/29 02:17:46 | 000,599,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/05/29 02:17:46 | 000,235,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/05/29 02:17:46 | 000,173,568 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/05/29 02:17:46 | 000,167,424 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/05/29 02:17:46 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/05/29 02:17:46 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/05/29 02:17:46 | 000,136,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/05/29 02:17:46 | 000,135,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/05/29 02:17:46 | 000,102,912 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/05/29 02:17:46 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/05/29 02:17:46 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/05/29 02:17:46 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/05/29 02:17:46 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/05/29 02:17:46 | 000,062,976 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/05/29 02:17:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/05/29 02:17:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/05/29 02:17:46 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/05/29 02:17:46 | 000,025,185 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
[2013/05/29 02:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/05/29 02:17:46 | 000,012,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/05/29 02:16:53 | 003,928,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/05/29 02:16:53 | 003,419,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/05/29 02:16:53 | 002,776,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 002,565,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/05/29 02:16:53 | 002,284,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 001,988,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/05/29 02:16:53 | 001,887,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/05/29 02:16:53 | 001,682,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/05/29 02:16:53 | 001,643,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/05/29 02:16:53 | 001,504,768 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/05/29 02:16:53 | 001,424,384 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/05/29 02:16:53 | 001,247,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/05/29 02:16:53 | 001,238,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/05/29 02:16:53 | 001,158,144 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/05/29 02:16:53 | 001,080,832 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/05/29 02:16:53 | 000,648,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/05/29 02:16:53 | 000,604,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/05/29 02:16:53 | 000,522,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,465,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/05/29 02:16:53 | 000,417,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/05/29 02:16:53 | 000,364,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,363,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/05/29 02:16:53 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,296,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/05/29 02:16:53 | 000,293,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/05/29 02:16:53 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,245,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,221,184 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/05/29 02:16:53 | 000,220,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/05/29 02:16:53 | 000,207,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,194,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/05/29 02:16:53 | 000,187,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/05/29 02:16:53 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/16 06:05:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/05/16 02:29:16 | 000,002,441 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/05/15 15:36:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/15 15:36:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013/06/11 14:01:12 | 000,000,004 | ---- | C] () -- D:\Users\jule\AppData\Roaming\skype.ini
[2013/06/08 11:00:13 | 000,120,198 | ---- | C] () -- D:\Users\jule\Desktop\dobischat fischell rosendahl.pdf
[2013/05/29 02:17:47 | 000,025,185 | ---- | C] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/05/29 02:17:46 | 000,025,185 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
[2013/05/28 10:45:08 | 000,190,880 | ---- | C] () -- D:\Users\jule\Documents\auszug transkript - Kopie.pdf
[2013/02/12 13:39:08 | 000,000,749 | ---- | C] () -- D:\Windows\SysWow64\Settings.ini
[2012/03/19 17:31:16 | 000,963,912 | ---- | C] () -- D:\Windows\SysWow64\igkrng600.bin
[2012/03/19 17:31:16 | 000,261,208 | ---- | C] () -- D:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 17:25:58 | 000,058,880 | ---- | C] () -- D:\Windows\SysWow64\igdde32.dll
[2012/03/19 16:21:14 | 013,212,672 | ---- | C] () -- D:\Windows\SysWow64\ig4icd32.dll
[2012/01/11 13:57:47 | 000,069,632 | ---- | C] () -- D:\Users\jule\AppData\Roaming\skype.dat
[2011/12/23 18:05:01 | 001,591,234 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/23 15:20:44 | 000,001,652 | ---- | C] () -- D:\Windows\vm331Rmv.ini
[2011/12/23 15:20:44 | 000,001,652 | ---- | C] () -- D:\Windows\SysWow64\vm331Rmv.ini
[2011/12/23 14:30:37 | 000,066,856 | ---- | C] () -- D:\Windows\SysWow64\SynTPEnhPS.dll
[2011/12/23 13:54:37 | 000,145,804 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng600.bin
[2011/12/23 13:50:34 | 000,008,192 | R--- | C] () -- D:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2007/04/27 04:43:58 | 000,120,200 | ---- | C] () -- D:\Windows\SysWow64\DLLDEV32i.dll
 
========== LOP Check ==========
 
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2013/02/16 07:03:58 | 000,000,000 | -H-D | M] -- D:\ProgramData\Common Files
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/12/23 15:35:11 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec
[2011/12/23 15:56:52 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec IPS
[2012/05/25 01:18:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Energy Management
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2013/04/05 07:02:49 | 000,000,000 | ---D | M] -- D:\ProgramData\MAGIX
[2011/12/23 15:39:31 | 000,000,000 | ---D | M] -- D:\ProgramData\OneKey Recovery
[2013/04/29 12:39:01 | 000,000,000 | ---D | M] -- D:\ProgramData\PopCap Games
[2013/04/23 12:15:15 | 000,000,000 | ---D | M] -- D:\ProgramData\simplitec
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2011/12/23 15:38:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2013/02/16 07:04:09 | 000,000,000 | ---D | M] -- D:\ProgramData\TuneUp Software
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2013/02/16 07:03:58 | 000,000,000 | -HSD | M] -- D:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/06/12 05:42:37 | 000,000,262 | ---- | M] () -- D:\Windows\Tasks\AutoKMS.job
[2013/02/28 09:10:21 | 000,032,632 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---

Alt 12.06.2013, 11:42   #8
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 3 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern melde dies bitte.

1. Schritt

Fixen mit OTLpe

  • Starte den infizierten Rechner mit der OTLpe-CD und öffne OTLpe.
  • Kopiere nun den folgenden Inhalt aus der Codebox in die Textbox.
    Wichtig: Falls du deinen Benutzernamen im Log unkenntlich gemacht hast (z.B. durch ***), dann mach das hier wieder rückgängig.

Code:
ATTFilter
:OTL

O20 - HKU\jule_ON_D Winlogon: Shell - (C:\Users\jule\AppData\Roaming\skype.dat) - D:\Users\jule\AppData\Roaming\skype.dat () 
[2013/06/12 05:43:08 | 000,000,004 | ---- | M] () -- D:\Users\jule\AppData\Roaming\skype.ini 
[2013/06/12 05:42:37 | 000,000,262 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job 
[2012/01/11 13:57:47 | 000,069,632 | ---- | C] () -- D:\Users\jule\AppData\Roaming\skype.dat 

:Files 

ipconfig /flushdns /c
:Commands
[emptytemp]
         
  • Klicke jetzt auf den Fix Button.
  • Starte danach neu und versuche wieder in den normalen Modus von Windows zu booten.
  • Nach dem Neustart findest du ein Textdokument auf deinem Desktop.
    (Auch zu finden unter C:\OTL\MovedFiles\<time_date.log>)
  • Kopiere nun dessen Inhalt hier in deinen Thread.



Nach Neustart:

2. Schritt
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



danach:

3. Schritt
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
Mfg, t'john
Das TB unterstützen

Alt 12.06.2013, 12:45   #9
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Danke für die schnelle Antworten!
Windows lässt sich nicht starten....

========== OTL ==========
Registry key HKEY_USERS\jule_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Users\jule\AppData\Roaming\skype.dat not found.
File D:\Users\jule\AppData\Roaming\skype.ini not found.
File D:\Windows\tasks\AutoKMS.job not found.
File D:\Users\jule\AppData\Roaming\skype.dat not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: jule
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 2427 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 487133036 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36032771 bytes

Total Files Cleaned = 499.00 mb


OTLPE by OldTimer - Version 3.1.48.0 log created on 06122013_164150

Also es kommt jetzt die Meldung "Windows-Fehlerbehbung" mit den Optionen

Starthilfe starten (empfohlen)
Windows normal starten

Bei Windows normal starten komme ich zurück auf die Fehlermeldung, wenn ich mit der Starthilfe starte, wird eine Systemstartreparatur durchgeführt - jedoch erfolglos und der Laptop geht aus.

Mit der Start CD komme ich auf den anderen Desktop, bei dem ich OTLPE starten kann.

Alt 12.06.2013, 15:57   #10
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Durch den Neustart haben sich die Laufwerksbuchstaben geaendert.

Mache ein neues OTL-Log.
__________________
Mfg, t'john
Das TB unterstützen

Alt 13.06.2013, 07:15   #11
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Hier nochmal der OTL und EXTRAS LOG.
Viele Grüße,
Nora_x
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 6/13/2013 1:04:56 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.60 Mb Free Space | 75.60% Space Free | Partition Type: NTFS
Drive D: | 46.37 Gb Total Space | 12.32 Gb Free Space | 26.58% Space Free | Partition Type: NTFS
Drive E: | 418.21 Gb Total Space | 398.74 Gb Free Space | 95.34% Space Free | Partition Type: NTFS
Drive F: | 121.48 Mb Total Space | 105.54 Mb Free Space | 86.88% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- D:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- D:\Windows\System32\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- D:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" File not found
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A000F75A-A246-44A7-8079-9E9E7F9054B2}" = BioExcess
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A000F75A-A246-44A7-8079-9E9E7F9054B2}" = BioExcess
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\jule_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 6/13/2013 1:04:56 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.60 Mb Free Space | 75.60% Space Free | Partition Type: NTFS
Drive D: | 46.37 Gb Total Space | 12.32 Gb Free Space | 26.58% Space Free | Partition Type: NTFS
Drive E: | 418.21 Gb Total Space | 398.74 Gb Free Space | 95.34% Space Free | Partition Type: NTFS
Drive F: | 121.48 Mb Total Space | 105.54 Mb Free Space | 86.88% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/12/14 13:04:56 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto] -- D:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/28 10:27:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 15:36:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/03 06:09:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/06/03 06:09:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/19 17:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand] -- D:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2010/12/13 18:59:28 | 000,703,856 | ---- | M] (Egis Technology Inc. ) [Auto] -- D:\Program Files (x86)\EgisTec BioExcess\EgisService.exe -- (EgisTec Service)
SRV - [2010/12/13 18:58:32 | 000,650,096 | ---- | M] (Egis Technology Inc. ) [Auto] -- D:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/11/18 07:09:24 | 000,330,696 | ---- | M] () [Auto] -- D:\Program Files (x86)\Verbindungsassistent\WTGService.exe -- (WTGService)
SRV - [2010/10/05 09:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/05 09:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/09/13 13:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/06/03 06:09:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/06/03 06:09:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/19 17:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/25 04:07:01 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/12/25 04:07:01 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/12/23 15:36:25 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot] -- D:\Windows\System32\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011/12/23 15:36:23 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011/12/23 15:35:08 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011/12/23 15:35:08 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System] -- D:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011/12/23 15:35:08 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011/12/15 10:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2010/11/24 06:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/31 05:36:56 | 000,035,952 | ---- | M] (Egis Technology Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2010/10/21 06:05:22 | 000,228,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2010/10/14 12:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/09/20 21:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/08/16 05:28:50 | 000,008,320 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vmuvcflt.sys -- (vmuvcflt)
DRV:64bit: - [2010/08/03 06:43:14 | 000,290,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/05/30 23:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/21 09:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV - [2011/12/25 04:07:01 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/12/25 04:07:01 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\jule_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\jule_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\jule_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 24 D8 CF DD 52 CE 01  [binary data]
IE - HKU\jule_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\EgisTec BioExcess\FFExt [2011/12/23 15:34:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/12/25 04:14:07 | 000,000,000 | ---D | M] (No name found) -- D:\Users\jule\AppData\Roaming\Mozilla\Extensions
[2012/12/11 13:02:13 | 000,000,000 | ---D | M] (No name found) -- D:\Users\jule\AppData\Roaming\Mozilla\Firefox\Profiles\or8qb57p.default\extensions
[2013/05/28 10:27:18 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/28 10:27:18 | 000,000,000 | ---D | M] (Default) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- 
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - D:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll (Egis Technology Inc.)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - D:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O4:64bit: - HKLM..\Run: [Energy Management] D:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] D:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] D:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [331BigDog] D:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] D:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] D:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] D:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] D:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: D:\Users\jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.0.10 10.2.0.130
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\jule_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/01/21 15:01:20 | 000,487,424 | ---- | M] () - F:\Autor.doc -- [ FAT ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{02a3bef3-a647-11e1-a2a0-e4d53dcdd4da}\Shell - "" = AutoRun
O33 - MountPoints2\{02a3bef3-a647-11e1-a2a0-e4d53dcdd4da}\Shell\AutoRun\command - "" = F:\CD_Start.exe
O33 - MountPoints2\{188fe40b-9b78-11e2-a26f-e4d53dcdd4da}\Shell - "" = AutoRun
O33 - MountPoints2\{188fe40b-9b78-11e2-a26f-e4d53dcdd4da}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{36b7e825-3ecf-11e1-bccb-f0def1aa984c}\Shell - "" = AutoRun
O33 - MountPoints2\{36b7e825-3ecf-11e1-bccb-f0def1aa984c}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{b2290972-2ece-11e1-a51c-f0def1aa984c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2290972-2ece-11e1-a51c-f0def1aa984c}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{b2290983-2ece-11e1-a51c-f0def1aa984c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2290983-2ece-11e1-a51c-f0def1aa984c}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/12 15:00:03 | 000,000,000 | ---D | C] -- D:\_OTL
[2013/06/10 16:34:41 | 000,526,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/06/10 16:34:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/06/10 16:34:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/06/10 16:34:40 | 000,603,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/06/10 16:34:40 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/06/10 16:34:40 | 000,136,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/06/10 16:34:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/06/10 16:34:40 | 000,089,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/10 16:34:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/10 16:34:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/06/10 16:34:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/06/10 16:34:40 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/06/10 16:34:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/06/10 16:34:38 | 000,855,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/06/10 16:34:38 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/06/10 16:34:37 | 003,958,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/06/10 16:34:37 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/06/10 12:40:36 | 000,000,000 | ---D | C] -- D:\Users\jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/06/10 12:40:23 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013/06/10 12:39:26 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Games
[2013/05/29 02:17:47 | 001,441,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/05/29 02:17:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/05/29 02:17:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/05/29 02:17:47 | 001,054,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/05/29 02:17:47 | 000,719,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/29 02:17:47 | 000,629,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/05/29 02:17:47 | 000,452,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/05/29 02:17:47 | 000,441,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/05/29 02:17:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/05/29 02:17:47 | 000,357,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/05/29 02:17:47 | 000,281,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/05/29 02:17:47 | 000,232,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/05/29 02:17:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/05/29 02:17:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/05/29 02:17:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/05/29 02:17:47 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/05/29 02:17:47 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/05/29 02:17:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/05/29 02:17:47 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/05/29 02:17:47 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/05/29 02:17:47 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/05/29 02:17:47 | 000,137,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/05/29 02:17:47 | 000,125,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/05/29 02:17:47 | 000,117,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/05/29 02:17:47 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/05/29 02:17:47 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/05/29 02:17:47 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/05/29 02:17:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/29 02:17:47 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/05/29 02:17:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/05/29 02:17:47 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/05/29 02:17:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/05/29 02:17:47 | 000,038,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/05/29 02:17:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/05/29 02:17:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/05/29 02:17:46 | 001,509,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/05/29 02:17:46 | 000,905,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/05/29 02:17:46 | 000,762,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/05/29 02:17:46 | 000,599,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/05/29 02:17:46 | 000,235,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/05/29 02:17:46 | 000,173,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/05/29 02:17:46 | 000,167,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/05/29 02:17:46 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/05/29 02:17:46 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/05/29 02:17:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/05/29 02:17:46 | 000,135,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/05/29 02:17:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/05/29 02:17:46 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/05/29 02:17:46 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/05/29 02:17:46 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/05/29 02:17:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/05/29 02:17:46 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/05/29 02:17:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/05/29 02:17:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/05/29 02:17:46 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/05/29 02:17:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/05/29 02:17:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/05/29 02:16:53 | 003,928,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/05/29 02:16:53 | 003,419,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/05/29 02:16:53 | 002,776,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/05/29 02:16:53 | 002,284,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 001,988,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/05/29 02:16:53 | 001,887,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/05/29 02:16:53 | 001,682,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/05/29 02:16:53 | 001,643,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/05/29 02:16:53 | 001,504,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/05/29 02:16:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/05/29 02:16:53 | 001,247,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/05/29 02:16:53 | 001,238,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/05/29 02:16:53 | 001,158,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/05/29 02:16:53 | 001,080,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/05/29 02:16:53 | 000,648,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/05/29 02:16:53 | 000,604,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/05/29 02:16:53 | 000,522,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,465,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/05/29 02:16:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/05/29 02:16:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,363,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/05/29 02:16:53 | 000,333,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/05/29 02:16:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/05/29 02:16:53 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,245,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/05/29 02:16:53 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/05/29 02:16:53 | 000,207,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,194,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/05/29 02:16:53 | 000,187,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/05/29 02:16:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/28 10:27:10 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
[2013/05/16 06:05:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\DVDVideoSoft
[2013/05/16 06:05:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/05/15 13:18:23 | 000,265,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\dxgmms1.sys
[2013/05/15 13:18:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cdd.dll
[2013/05/15 13:18:13 | 001,930,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\authui.dll
[2013/05/15 13:18:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shdocvw.dll
[2013/05/15 13:18:12 | 001,796,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\authui.dll
[2013/05/15 13:18:12 | 000,111,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\consent.exe
[2013/05/15 13:18:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wwanprotdim.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/12 13:03:12 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/06/12 05:43:25 | 000,196,608 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2013/06/12 05:42:24 | 3153,702,912 | -HS- | M] () -- D:\hiberfil.sys
[2013/06/12 04:11:43 | 000,026,544 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/12 04:11:43 | 000,026,544 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/12 04:10:44 | 000,697,082 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2013/06/12 04:10:44 | 000,652,360 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/06/12 04:10:44 | 000,148,346 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2013/06/12 04:10:44 | 000,121,292 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/06/11 13:36:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/11 04:31:49 | 000,428,824 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/06/10 12:40:23 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013/06/03 04:25:03 | 000,001,047 | ---- | M] () -- D:\Users\jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/05/29 02:17:47 | 001,441,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/05/29 02:17:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/05/29 02:17:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/05/29 02:17:47 | 001,054,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/05/29 02:17:47 | 000,719,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/29 02:17:47 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/05/29 02:17:47 | 000,452,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/05/29 02:17:47 | 000,441,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/05/29 02:17:47 | 000,361,984 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/05/29 02:17:47 | 000,357,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/05/29 02:17:47 | 000,281,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/05/29 02:17:47 | 000,232,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/05/29 02:17:47 | 000,226,816 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/05/29 02:17:47 | 000,226,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/05/29 02:17:47 | 000,216,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/05/29 02:17:47 | 000,197,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/05/29 02:17:47 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/05/29 02:17:47 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/05/29 02:17:47 | 000,158,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/05/29 02:17:47 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/05/29 02:17:47 | 000,138,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/05/29 02:17:47 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/05/29 02:17:47 | 000,125,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/05/29 02:17:47 | 000,117,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/05/29 02:17:47 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/05/29 02:17:47 | 000,082,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/05/29 02:17:47 | 000,079,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/05/29 02:17:47 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/29 02:17:47 | 000,069,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/05/29 02:17:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/05/29 02:17:47 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/05/29 02:17:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/05/29 02:17:47 | 000,038,400 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/05/29 02:17:47 | 000,025,185 | ---- | M] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/05/29 02:17:47 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/05/29 02:17:47 | 000,011,776 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/05/29 02:17:46 | 001,509,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/05/29 02:17:46 | 000,905,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/05/29 02:17:46 | 000,762,368 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/05/29 02:17:46 | 000,599,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/05/29 02:17:46 | 000,235,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/05/29 02:17:46 | 000,173,568 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/05/29 02:17:46 | 000,167,424 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/05/29 02:17:46 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/05/29 02:17:46 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/05/29 02:17:46 | 000,136,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/05/29 02:17:46 | 000,135,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/05/29 02:17:46 | 000,102,912 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/05/29 02:17:46 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/05/29 02:17:46 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/05/29 02:17:46 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/05/29 02:17:46 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/05/29 02:17:46 | 000,062,976 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/05/29 02:17:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/05/29 02:17:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/05/29 02:17:46 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/05/29 02:17:46 | 000,025,185 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
[2013/05/29 02:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/05/29 02:17:46 | 000,012,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/05/29 02:16:53 | 003,928,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/05/29 02:16:53 | 003,419,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/05/29 02:16:53 | 002,776,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 002,565,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/05/29 02:16:53 | 002,284,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/05/29 02:16:53 | 001,988,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/05/29 02:16:53 | 001,887,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/05/29 02:16:53 | 001,682,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/05/29 02:16:53 | 001,643,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/05/29 02:16:53 | 001,504,768 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/05/29 02:16:53 | 001,424,384 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/05/29 02:16:53 | 001,247,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/05/29 02:16:53 | 001,238,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/05/29 02:16:53 | 001,158,144 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/05/29 02:16:53 | 001,080,832 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/05/29 02:16:53 | 000,648,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/05/29 02:16:53 | 000,604,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/05/29 02:16:53 | 000,522,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,465,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/05/29 02:16:53 | 000,417,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/05/29 02:16:53 | 000,364,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/05/29 02:16:53 | 000,363,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/05/29 02:16:53 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,296,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/05/29 02:16:53 | 000,293,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/05/29 02:16:53 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/05/29 02:16:53 | 000,245,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,221,184 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/05/29 02:16:53 | 000,220,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/05/29 02:16:53 | 000,207,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/05/29 02:16:53 | 000,194,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/05/29 02:16:53 | 000,187,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/05/29 02:16:53 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/29 02:16:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/16 06:05:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/05/16 02:29:16 | 000,002,441 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/05/15 15:36:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/15 15:36:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013/05/29 02:17:47 | 000,025,185 | ---- | C] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/05/29 02:17:46 | 000,025,185 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
[2013/02/12 13:39:08 | 000,000,749 | ---- | C] () -- D:\Windows\SysWow64\Settings.ini
[2012/03/19 17:31:16 | 000,963,912 | ---- | C] () -- D:\Windows\SysWow64\igkrng600.bin
[2012/03/19 17:31:16 | 000,261,208 | ---- | C] () -- D:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 17:25:58 | 000,058,880 | ---- | C] () -- D:\Windows\SysWow64\igdde32.dll
[2012/03/19 16:21:14 | 013,212,672 | ---- | C] () -- D:\Windows\SysWow64\ig4icd32.dll
[2011/12/23 18:05:01 | 001,591,234 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/23 15:20:44 | 000,001,652 | ---- | C] () -- D:\Windows\vm331Rmv.ini
[2011/12/23 15:20:44 | 000,001,652 | ---- | C] () -- D:\Windows\SysWow64\vm331Rmv.ini
[2011/12/23 14:30:37 | 000,066,856 | ---- | C] () -- D:\Windows\SysWow64\SynTPEnhPS.dll
[2011/12/23 13:54:37 | 000,145,804 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng600.bin
[2011/12/23 13:50:34 | 000,008,192 | R--- | C] () -- D:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2007/04/27 04:43:58 | 000,120,200 | ---- | C] () -- D:\Windows\SysWow64\DLLDEV32i.dll
 
========== LOP Check ==========
 
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2013/02/16 07:03:58 | 000,000,000 | -H-D | M] -- D:\ProgramData\Common Files
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/12/23 15:35:11 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec
[2011/12/23 15:56:52 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec IPS
[2012/05/25 01:18:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Energy Management
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2013/04/05 07:02:49 | 000,000,000 | ---D | M] -- D:\ProgramData\MAGIX
[2011/12/23 15:39:31 | 000,000,000 | ---D | M] -- D:\ProgramData\OneKey Recovery
[2013/04/29 12:39:01 | 000,000,000 | ---D | M] -- D:\ProgramData\PopCap Games
[2013/04/23 12:15:15 | 000,000,000 | ---D | M] -- D:\ProgramData\simplitec
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2011/12/23 15:38:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2013/02/16 07:04:09 | 000,000,000 | ---D | M] -- D:\ProgramData\TuneUp Software
[2011/12/23 12:30:26 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2013/02/16 07:03:58 | 000,000,000 | -HSD | M] -- D:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/02/28 09:10:21 | 000,032,632 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---

Alt 14.06.2013, 08:10   #12
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Hast du den Fix mehrmals ausgefuehrt?
Du hast offensichtlich nicht das FixLog vom ersten durchgang gepostet.

Stelle im Bios wieder zurueck auf AHCI und starte normal!

Dann ab Schritt 2 ier weitermachen: http://www.trojaner-board.de/136446-...ml#post1083737
__________________
Mfg, t'john
Das TB unterstützen

Alt 14.06.2013, 16:57   #13
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Hier das Log vom 2. Schritt.

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.14.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
jule :: JULE-PC [Administrator]

Schutz: Aktiviert

14.06.2013 18:00:05
mbam-log-2013-06-14 (18-00-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 310726
Laufzeit: 39 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\_OTL\MovedFiles\06122013_150002\D_Users\jule\AppData\Roaming\skype.dat (Trojan.Agent.rf) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Hier das Log vom 3. Schritt.AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 14/06/2013 um 23:01:14 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : jule - JULE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\jule\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\jule\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\jule\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\jule\AppData\Roaming\Mozilla\Firefox\Profiles\or8qb57p.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1889 octets] - [14/06/2013 23:01:14]

########## EOF - C:\AdwCleaner[S1].txt - [1949 octets] ##########
         
--- --- ---




Ist jetzt wieder alles bereinigt? Vielen Dank für die schnelle und unkomplizierte Hilfe!!!

Alt 14.06.2013, 19:43   #14
t'john
/// Helfer-Team
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Sehr gut!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



danach:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




danach:

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
Mfg, t'john
Das TB unterstützen

Alt 14.06.2013, 20:00   #15
Nora_x
 
PC gesperrt, weißer Bildschirm - Standard

PC gesperrt, weißer Bildschirm



Der AVAST! Scan ist zwischendurch abgestürzt. mit der Einstellung (none) ergab es folgendes Log:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-14 20:57:09
-----------------------------
20:57:09.608 OS Version: Windows x64 6.1.7601 Service Pack 1
20:57:09.608 Number of processors: 2 586 0x2A07
20:57:09.608 ComputerName: JULE-PC UserName: jule
20:57:09.990 Initialize success
20:57:22.606 AVAST engine defs: 13061300
20:57:31.898 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:57:31.898 Disk 0 Vendor: WDC_WD50 03.0 Size: 476940MB BusType: 3
20:57:32.038 Disk 0 MBR read successfully
20:57:32.048 Disk 0 MBR scan
20:57:32.048 Disk 0 Windows 7 default MBR code
20:57:32.048 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:57:32.058 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 47483 MB offset 206848
20:57:32.088 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 428247 MB offset 97452032
20:57:32.118 Disk 0 Partition 4 00 12 Compaq diag NTFS 1109 MB offset 974501888
20:57:32.178 Disk 0 scanning C:\Windows\system32\drivers
20:57:43.186 Service scanning
20:58:10.766 Modules scanning
20:58:10.776 Disk 0 trace - called modules:
20:58:11.136 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:58:11.146 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c4d060]
20:58:11.156 3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800470b050]
20:58:11.156 Scan finished successfully
20:58:30.098 Disk 0 MBR has been saved successfully to "C:\Users\jule\Desktop\MBR.dat"
20:58:30.108 The log file has been saved successfully to "C:\Users\jule\Desktop\aswMBR.txt"

Der ESET-Scan ist zwischendurch abgestürzt. Zu sehen war ein Bluescreen, danach habe ich Windows normal hochfahren lassen!

Antwort

Themen zu PC gesperrt, weißer Bildschirm
angezeigt, bildschirm, eingefangen, gefangen, gesperrt, hochfahren, hoffe, inter, interne, internet, laptops, pc gesperrt, seitdem, surfe, surfen, troja, trojaner, trojaner eingefangen, weißer, weißer bildschirm, überzeugt



Ähnliche Themen: PC gesperrt, weißer Bildschirm


  1. weißer bildschirm, schwarzer bildschirm, maus laggs nach systemstart, mausbewegungen in boxen.
    Plagegeister aller Art und deren Bekämpfung - 02.12.2013 (3)
  2. Windows 7. Bei Start weißer Bildschirm. PC durch Interpool gesperrt
    Log-Analyse und Auswertung - 29.10.2013 (9)
  3. Mein Laptop zeigt die Meldung an: Ihr Computer ist gesperrt, nun immer ein weißer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (3)
  4. Trojaner, PC gesperrt, weißer Bildschirm
    Log-Analyse und Auswertung - 07.08.2013 (10)
  5. Bundesinnenministerium! Desktop gesperrt, weißer Bildschirm, 100€ Strafzahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 25.06.2013 (13)
  6. Computer gesperrt, weißer Bildschirm beim Start
    Log-Analyse und Auswertung - 17.06.2013 (13)
  7. weißer Bildschirm, danach erscheint die Meldung dass der Computer gesperrt ist für 72 Stunden.
    Log-Analyse und Auswertung - 20.05.2013 (65)
  8. Österreich; PC gesperrt; weißer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 13.04.2013 (11)
  9. "Weißer Bildschirm Trojaner", Nach dem Windowsstart nur weißer Bildschirm!
    Log-Analyse und Auswertung - 01.09.2012 (1)
  10. weißer Bildschirm mit der Meldung Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 14.08.2012 (14)
  11. weißer Bildschirm, Computer gesperrt - Trojaner?
    Log-Analyse und Auswertung - 14.06.2012 (6)
  12. 50€ GEMA Virus, weißer Bildschirm, PC direkt nach Start gesperrt
    Plagegeister aller Art und deren Bekämpfung - 13.04.2012 (11)
  13. weißer Bildschirm bitten warten Sie jetzt schwarzer Bildschirm
    Log-Analyse und Auswertung - 13.04.2012 (1)
  14. zu 50€ GEMA Virus, weißer Bildschirm, PC direkt nach Start gesperrt, widows boot error
    Plagegeister aller Art und deren Bekämpfung - 04.04.2012 (3)
  15. Computer wurde gesperrt! Windows Security! weißer Bildschirm.
    Log-Analyse und Auswertung - 19.03.2012 (7)
  16. Weißer Bildschirm nach Systemstart: "Achtung ihr Computer wurde gesperrt"
    Plagegeister aller Art und deren Bekämpfung - 11.02.2012 (24)
  17. windows 7, weißer Bildschirm, Meldung: windows security center, Achtung! Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 06.02.2012 (11)

Zum Thema PC gesperrt, weißer Bildschirm - Hallo, gestern beim surfen im Internet wurde mir angezeigt, dass mein PC gesperrt sei. Seitdem ist beim Hochfahren meines Laptops nur noch ein weißer Bildschirm zu sehen. Nach einigen recherchen - PC gesperrt, weißer Bildschirm...
Archiv
Du betrachtest: PC gesperrt, weißer Bildschirm auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.