Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt

Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt


Log-Analyse und Auswertung: Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 11.04.2012, 23:22   #1
reyespeugeot
 
Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt - Standard

Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt


Hallo zusammen!

Habe seit gestern das Problem wie einige hier. Wenn ich meinen Rechner hochfahren will, erscheint ein weißer Bildschirm "Warten Sie während die Verbindung hergestellt wird". Dann werden Logo und Name der SUISA dazu verwendet, um der Zugang zu meinem Computer zu sperren und zur Zahlung einer Mahngebühr in Höhe von 75 Franken via paysafecard aufzufordern. Ich wollte den Rechner auch über den Abgesicherten Modus starten, hatte aber den selben Effekt. --> weißer Bildschirm

Habe mich dann hier eingelesen und über die CD(REATOGO-X-PE) gebootet.
Danach habe ich mit OTLPE das LOG file erstellt.
Ich hoffe das war bis jetzt der richtige Weg!

Ich suche weitere Hilfe von Ihnen. Denn ich komme aus China, deswegen gibt es einige Wörter, die das Software vielleicht nicht identifizieren kann. Ich weiss nicht, ob es in diesem Weg noch funktioniert. Und das OTL file ist zu gross. Ich darf nicht es per Anhang beifügen. Deswegen klebe ich es hier.

Bitte verzeiht mir Fehler die ich evtl. gemacht habe, habe von Computern leider nur sehr wenig Ahnung.

Vielen Dank aus der Schweiz.

Code:
ATTFilter
OTL logfile created on: 4/12/2012 2:09:33 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.37 Mb Free Space | 74.37% Space Free | Partition Type: NTFS
Drive D: | 283.27 Gb Total Space | 157.57 Gb Free Space | 55.62% Space Free | Partition Type: NTFS
Drive E: | 238.63 Mb Total Space | 238.60 Mb Free Space | 99.99% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/01/14 03:01:51 | 000,203,776 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/09 19:26:26 | 000,923,024 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010/12/06 12:14:50 | 000,584,080 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010/11/18 12:23:44 | 001,310,096 | ---- | M] (Sony Corporation) [On_Demand] -- D:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010/11/02 16:49:46 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto] -- D:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2010/11/02 16:39:08 | 000,340,240 | ---- | M] () [On_Demand] -- D:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/11/02 16:34:14 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto] -- D:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2010/10/25 20:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010/10/25 20:26:34 | 000,101,152 | ---- | M] (Sony Corporation) [On_Demand] -- D:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/10/25 20:12:24 | 000,549,168 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010/09/27 18:13:22 | 000,303,872 | ---- | M] (Sony Corporation) [On_Demand] -- D:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/12 18:15:34 | 000,257,936 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010/07/29 22:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto] -- D:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/02 10:16:04 | 000,273,240 | ---- | M] (360.cn) [Auto] -- D:\Program Files (x86)\360\360Safe\deepscan\zhudongfangyu.exe -- (ZhuDongFangYu)
SRV - [2011/11/21 04:35:12 | 000,189,784 | ---- | M] () [Auto] -- D:\Program Files (x86)\360\360jishi\360js.exe -- (360js)
SRV - [2011/09/30 20:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/09/30 20:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/18 03:34:14 | 000,008,192 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/06/10 06:39:36 | 000,078,512 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [On_Demand] -- D:\Program Files (x86)\Thunder Network\Thunder\Program\DctSer.dll -- (XLDoctor Service)
SRV - [2011/05/20 08:28:56 | 000,182,128 | R--- | M] (Swisscom) [Auto] -- D:\Program Files (x86)\Swisscom\Unlimited Data Manager\DashBoardS.exe -- (UDM Service)
SRV - [2011/05/16 09:14:02 | 001,482,240 | ---- | M] (Swisscom) [Auto] -- D:\Program Files (x86)\Swisscom\Sesam\BIN\SecMIPService.exe -- (SesamService)
SRV - [2011/05/13 03:07:46 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand] -- D:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/03/23 00:38:56 | 000,077,824 | ---- | M] () [Auto] -- D:\Windows\System_ejectcd.exe -- (UI_)
SRV - [2011/02/16 03:31:22 | 000,210,248 | ---- | M] (新浪网技术(中国)有限公司) [Auto] -- D:\Program Files (x86)\sina\Sina_live\2010\live_deamon.dll -- (sina_live_deamon)
SRV - [2011/01/05 02:11:44 | 002,656,280 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/01/05 02:10:33 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/12/23 19:24:52 | 000,095,632 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/12/10 09:50:28 | 000,939,352 | ---- | M] (360.cn) [Auto] -- D:\Program Files (x86)\360\360sd\360rp.exe -- (360rp)
SRV - [2010/11/27 03:55:44 | 000,398,176 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/11/06 02:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/10/12 18:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010/09/27 18:12:36 | 000,864,000 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/09/22 09:54:22 | 000,307,568 | ---- | M] (Sierra Wireless, Inc.) [Auto] -- D:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe -- (SwiCardDetectSvc)
SRV - [2010/09/10 11:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010/09/10 11:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [Auto] -- D:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010/03/18 14:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand] -- D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/18 01:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/06 09:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/22 23:19:10 | 000,200,704 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand] -- D:\Program Files (x86)\360\360sd\scan.dll -- (scan)
SRV - [2008/09/18 13:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto] -- D:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/08 10:01:32 | 000,355,928 | ---- | M] (360.cn) [File_System | System] -- D:\Windows\System32\drivers\360fsflt.sys -- (360FsFlt)
DRV:64bit: - [2011/12/23 04:35:28 | 000,274,008 | ---- | M] (360安全中心) [File_System | System] -- D:\Windows\System32\drivers\360Box64.sys -- (360Box64)
DRV:64bit: - [2011/12/05 11:07:08 | 000,171,360 | ---- | M] (360.cn) [Kernel | System] -- D:\Windows\System32\Drivers\BAPIDRV64.SYS -- (BAPIDRV)
DRV:64bit: - [2011/09/30 20:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/09/30 20:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/09/30 20:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/09/30 20:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/05/09 20:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/11 09:53:24 | 000,409,456 | ---- | M] (Swisscom) [Kernel | System] -- D:\Windows\System32\drivers\wtsmpflt.sys -- (WtSmpFlt)
DRV:64bit: - [2011/04/11 09:53:22 | 000,056,688 | ---- | M] (Swisscom) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wtsmpadap.sys -- (WtSmpAdap)
DRV:64bit: - [2011/04/02 01:48:14 | 000,056,920 | ---- | M] (360.cn) [Kernel | System] -- D:\Windows\System32\drivers\360netmon.sys -- (360netmon)
DRV:64bit: - [2011/02/17 21:00:44 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/02/17 21:00:42 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2011/01/29 21:19:52 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/14 03:04:13 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/01/14 03:04:13 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/14 03:02:02 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/14 03:02:02 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/01/14 02:59:48 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011/01/05 02:10:11 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/12/21 16:09:15 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/12/06 16:38:55 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/12/01 08:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/09 06:16:36 | 008,500,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010/11/01 16:09:19 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/01 16:09:19 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/23 03:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/21 09:01:12 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010/09/21 09:01:10 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/04/26 16:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010/04/16 03:40:00 | 000,091,184 | ---- | M] (360安全中心) [Kernel | System] -- D:\Windows\System32\drivers\qutmdrv.sys -- (qutmdserv)
DRV:64bit: - [2009/07/28 03:59:54 | 000,120,832 | ---- | M] (Tlay Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tlusbat.sys -- (TLAYusbnmea)
DRV:64bit: - [2009/07/28 03:59:54 | 000,120,832 | ---- | M] (Tlay Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tlusbmdm.sys -- (TLAYusbmdm)
DRV:64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 16:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/26 17:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/06/16 06:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- D:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/05/14 11:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RimUsb_AMD64.sys -- (RimUsb)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
IE - HKU\Xu_Huang_ON_D\Software\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Xu Huang\Downloads
IE - HKU\Xu_Huang_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
IE - HKU\Xu_Huang_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Xu_Huang_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Xu_Huang_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@baidu.com/npxbdyy: D:\Program Files (x86)\Baidu\BaiduPlayer\1.0.23.108\npxbdyy.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pptv.com/plugin: D:\Program Files (x86)\Internet Explorer\PPLite\plugin\npplugin2.dll (PPLive Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/npqscall,version=1.0.0: D:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@qvod.com/QvodInsert: D:\Program Files (x86)\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat: D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/05/13 04:03:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/05/13 04:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/05/13 04:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{E4D8AFFF-DA7C-412F-A976-05ED142C7806}: C:\Program Files (x86)\Swisscom\Unlimited Data Manager\FireFox_Remote\ [2012/03/30 03:17:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/01 10:42:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/01 10:41:26 | 000,000,000 | ---D | M]
 
[2012/03/01 10:42:34 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/01 10:41:37 | 000,000,000 | ---D | M] (Talkback) -- D:\Program Files (x86)\Mozilla Firefox\extensions\talkback@mozilla.org
[2008/12/17 18:34:33 | 000,067,688 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\jar50.dll
[2008/12/17 18:34:33 | 000,054,368 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\jsd3250.dll
[2008/12/17 18:34:33 | 000,034,944 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\myspell.dll
[2008/12/17 18:34:33 | 000,046,712 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\spellchk.dll
[2008/12/17 18:34:33 | 000,172,136 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\xpinstal.dll
[2006/08/24 17:07:50 | 000,001,525 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006/08/24 17:07:50 | 000,001,063 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2006/11/10 07:42:00 | 000,000,998 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2006/11/10 18:32:03 | 000,000,815 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ѸÀ×FLVÊÓƵÐá̽¼°ÏÂÔØÖ§³Ö) - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - D:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.2.48.dll (ShenZhen Xunlei Networking Technologies,LTD)
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.0.3076.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D297} - D:\Program Files (x86)\QvodPlayer\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  File not found
O2 - BHO: (ѸÀ×ÏÂÔØÖúÊÖ) - {B0E2F470-0B07-48f0-B3B1-5749505FAE9B} - D:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.2.48.dll (ShenZhen Xunlei Networking Technologies,LTD)
O2 - BHO: (SafeMon Class) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - D:\Program Files (x86)\360\360Safe\safemon\safemon.dll (360.cn)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Xu_Huang_ON_D\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] D:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVBg] D:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [360Safetray] D:\Program Files (x86)\360\360Safe\safemon\360Tray.exe (360.cn)
O4 - HKLM..\Run: [ISBMgr.exe] D:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] D:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] D:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Boot Manager] D:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe (Sony Corporation)
O4 - HKU\boinc_master_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Xu_Huang_ON_D..\Run: [360sd] D:\Program Files (x86)\360\360sd\360sd.exe (360.cn)
O4 - HKU\Xu_Huang_ON_D..\Run: [CardejectRun.exe] D:\Windows\CardejectRun.exe ()
O4 - HKU\Xu_Huang_ON_D..\Run: [lmfvMDBr3jNvGGM] D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe (cambi taceva)
O4 - HKU\boinc_master_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra Button: 浩方电竞平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\Program Files (x86)\Holdfast\platform 5.0\GameClient.exe (上海浩方在线信息技术有限公司)
O9 - Extra Button: 启动飞信 - {814953B0-3DE7-4171-A0DD-A7A38322B6C7} - D:\Program Files (x86)\China Mobile\Fetion\\Fetion.exe ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - D:\Program Files (x86)\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - D:\Program Files (x86)\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: 255.148 ([202.96] http in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: online.unionpay.com ([]https in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: pps.tv ([]http in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: ppstream.com ([]http in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: taobao.com ([]https in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: unionpay.com ([online] https in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: unionpaysecure.com ([]https in Trusted sites)
O15:64bit: - Xu_Huang_ON_D\..Trusted Domains: webscache.com ([]http in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://studmailak.unisg.ch/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {152FC577-6940-4B1E-99BB-D4D5B8BF182E} hxxp://hr.chalco.com.cn/cs_deploy/FileViewerX.cab (FileViewer Control)
O16 - DPF: {1DABF8D5-8430-4985-9B7F-A30E53D709B3} hxxp://dl_dir.qq.com/qqtv/MMInstaller.cab (InstallHelper Class)
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} https://download.alipay.com/ukey/cert/1007/ie/PTA.cab (iTrusPTA Class)
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} https://download.alipay.com/aliedit/aliedit/2401/aliedit.cab (EditCtrl Class)
O16 - DPF: {75533D3B-C507-4337-BD9A-FC7212DF7927} hxxp://hr.chalco.com.cn/cs_deploy/hrpsetiesecurity.cab (HrpSetIESecurityX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {AE460AD7-D678-43BB-B4DF-394B2D0C4E52} https://unionpaysecure.com/upe/UPEditor.cab (UpSecEditor Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E758BC30-C8C3-4379-B27B-B50E146460A9} hxxp://update.tv.sina.com.cn/live/p2p/install_service_v4.cab.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Xu_Huang_ON_D Winlogon: Shell - (C:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe) - D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe (cambi taceva)
O20 - HKU\Xu_Huang_ON_D Winlogon: UserInit - (C:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe) - D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe (cambi taceva)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/04/12 00:27:10 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012/04/10 10:09:55 | 000,306,688 | ---- | C] (cambi taceva) -- D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe
[2012/04/10 07:53:17 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{725E0F02-36AA-400C-8535-DA5BBBABAAF5}
[2012/04/10 04:02:51 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\Desktop\Jop Application
[2012/04/10 03:34:27 | 000,000,000 | RHSD | C] -- D:\360SANDBOX
[2012/04/09 09:07:15 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{E39DB016-7C16-4E45-9215-C03B97AEA725}
[2012/04/08 06:30:19 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{FE4978BC-825A-4AE7-AEEA-D9544117F057}
[2012/04/07 09:04:36 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{E1EBAEB8-41FA-41A8-9719-48BDD1B934EF}
[2012/04/06 08:41:52 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{76AC334D-F7BB-4716-BF13-0CBB4708FEFB}
[2012/04/05 06:16:59 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{B550CD61-ABE8-49A0-B380-462FC96759AA}
[2012/04/04 06:57:08 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{DFDE4588-2F68-4281-BE38-418C9B51A263}
[2012/04/03 06:57:50 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{B4941A33-CF8A-4E68-BB1B-2A91C0CB3032}
[2012/04/02 04:45:20 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{19551250-5481-4FE4-ABB6-538925B5750D}
[2012/04/01 13:52:01 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{DA3C5E36-F9A5-4399-B3DF-F0F961132FB0}
[2012/03/31 15:13:55 | 000,000,000 | R--D | C] -- D:\huangxu graduation
[2012/03/31 05:14:08 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{15E7DF21-C395-4E6C-B279-6A26420A50A2}
[2012/03/30 03:18:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Local
[2012/03/30 03:17:54 | 001,490,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WdfCoInstaller01007.dll
[2012/03/30 03:17:54 | 001,490,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2012/03/30 03:17:54 | 000,196,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_juwwanecm.sys
[2012/03/30 03:17:54 | 000,093,696 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_jucdcacm.sys
[2012/03/30 03:17:54 | 000,085,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_jubusenum.sys
[2012/03/30 03:17:54 | 000,055,296 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_jucdcecm.sys
[2012/03/30 03:17:54 | 000,029,184 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_juextctrl.sys
[2012/03/30 03:17:42 | 000,256,000 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ewusbnet.sys
[2012/03/30 03:17:42 | 000,121,600 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ewusbmdm.sys
[2012/03/30 03:17:42 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\Windows\System32\drivers\ewdcsc.sys
[2012/03/30 03:17:42 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012/03/30 03:17:28 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\Windows\System32\drivers\ew_hwusbdev.sys
[2012/03/30 03:17:16 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unlimited Data Manager
[2012/03/30 03:17:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Swisscom
[2012/03/30 03:17:05 | 000,000,000 | ---D | C] -- D:\ProgramData\WtDashboard
[2012/03/30 03:17:05 | 000,000,000 | ---D | C] -- D:\ProgramData\UDM
[2012/03/30 03:17:05 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sierra Wireless Inc
[2012/03/30 03:14:52 | 000,000,000 | ---D | C] -- D:\ProgramData\UDM_21168
[2012/03/29 05:09:46 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{4CE6C859-8ACE-4A9A-9152-18A27B3A8031}
[2012/03/26 02:17:14 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{170FA8C4-7E29-44E6-9AD0-EC2E8A1C85F3}
[2012/03/26 02:16:58 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{59EDE93D-55BC-4F0C-B05A-B8567EFBFF14}
[2012/03/25 05:56:06 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{8A992498-B122-418B-82C6-FF93AA1FD82D}
[2012/03/25 05:55:55 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{53E285B5-E697-4663-9699-DE94B697CB07}
[2012/03/24 06:31:39 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{BF4825E5-E761-412D-8B51-A4F778A628A2}
[2012/03/24 06:31:28 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{FCFB172C-D6C4-44BE-A643-C980FDB9B577}
[2012/03/23 07:30:41 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{1A2415EF-23EB-4439-9BBC-32548AB09DA1}
[2012/03/23 07:30:30 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{5EB392B3-0A8A-4392-A057-276B0B9FF705}
[2012/03/22 07:20:00 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{BD850B9F-81F3-48CD-8243-789F7DFB9C60}
[2012/03/22 07:19:49 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{2755C2F4-A35D-4470-A36B-9C3F20D9906A}
[2012/03/21 06:41:26 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{5D1CF059-B8A9-4711-8EDE-91E71C2B782A}
[2012/03/21 06:41:15 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{95BD8688-6F99-4209-A952-42CCA9469BBF}
[2012/03/20 16:13:29 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{00766BAF-BBBD-465E-828A-E88A705C2ED9}
[2012/03/20 16:13:18 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{03B8F9A6-A3EA-46B6-B980-B24413450C86}
[2012/03/19 03:56:45 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{AC95D965-2580-43F7-B297-88AAB8CD2735}
[2012/03/19 03:56:35 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{265C671B-6CDD-4E37-A9EF-408758EC1756}
[2012/03/16 06:42:48 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{85D4C0A5-5BEA-41C2-A87B-AA8C0A70B28F}
[2012/03/16 06:42:38 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{4AD1BA4C-D4D5-4CC6-9CBF-4B151CE11C07}
[2012/03/15 17:09:01 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{A1143957-DD85-4276-9605-3D8032AC29E5}
[2012/03/15 17:08:51 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{A9A98BD2-7DF4-4007-9EAE-4F41CD1D7E09}
[2012/03/14 12:10:49 | 005,559,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2012/03/14 12:10:48 | 003,968,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/14 12:10:48 | 003,913,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntoskrnl.exe
[2012/03/14 07:18:50 | 001,544,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2012/03/14 07:18:50 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2012/03/14 07:15:48 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcorekmts.dll
[2012/03/14 07:15:48 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpwsx.dll
[2012/03/14 07:15:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdrmemptylst.exe
[2012/03/14 07:15:47 | 001,031,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcore.dll
[2012/03/14 07:15:47 | 000,826,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdpcore.dll
[2012/03/14 03:37:02 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{7594831A-D6D2-4B7F-AB3C-5B1343C8B4A8}
[2012/03/14 03:36:52 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{03248852-3D13-4EEF-9EA5-EAD688C4A0B6}
[2012/03/13 06:15:27 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{24BEC7F7-355E-49E1-BABE-AD33EBBB972A}
[2012/03/13 06:15:17 | 000,000,000 | ---D | C] -- D:\Users\Xu Huang\AppData\Local\{6482F7E1-539D-4AC3-91A6-4FBCC33F7C85}
[1 D:\Users\Xu Huang\AppData\Roaming\*.tmp files -> D:\Users\Xu Huang\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/04/11 18:40:27 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/04/11 18:40:24 | 3155,025,920 | -HS- | M] () -- D:\hiberfil.sys
[2012/04/11 18:35:28 | 000,000,006 | -H-- | M] () -- D:\Windows\tasks\SA.DAT
[2012/04/11 08:35:04 | 000,727,334 | ---- | M] () -- D:\Windows\System32\PerfStringBackup.INI
[2012/04/11 08:35:04 | 000,616,694 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/04/11 08:35:04 | 000,106,816 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/04/11 06:45:28 | 000,014,144 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/11 06:45:28 | 000,014,144 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/10 10:09:50 | 000,306,688 | ---- | M] (cambi taceva) -- D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe
[2012/04/10 10:04:06 | 000,000,118 | ---- | M] () -- D:\Windows\hexin.INI
[2012/04/10 07:53:28 | 000,034,726 | ---- | M] () -- D:\Users\Xu Huang\Documents\keyfile_u
[2012/04/10 07:53:26 | 000,000,016 | ---- | M] () -- D:\Users\Xu Huang\Documents\keyfile
[2012/04/10 03:32:35 | 001,143,170 | -H-- | M] () -- D:\Users\Xu Huang\AppData\Local\IconCache.db
[2012/04/04 16:51:27 | 000,051,270 | ---- | M] () -- D:\Users\Xu Huang\AppData\Roaming\room_v3.dat
[2012/04/04 04:38:21 | 000,163,733 | ---- | M] () -- D:\Users\Xu Huang\Desktop\602.101_d_ED.pdf
[2012/04/04 04:29:15 | 000,028,617 | ---- | M] () -- D:\Users\Xu Huang\Desktop\Airticket_ZRH_PVG.pdf
[2012/04/02 08:15:41 | 000,000,917 | ---- | M] () -- D:\Users\Xu Huang\AppData\Roaming\coreavc.ini
[2012/03/31 16:51:20 | 000,123,832 | ---- | M] () -- D:\Users\Xu Huang\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/03/31 04:56:41 | 000,015,257 | ---- | M] () -- D:\Users\Xu Huang\Desktop\Interrail Tickets Confirmation.pdf
[2012/03/31 04:44:00 | 000,068,717 | ---- | M] () -- D:\Users\Xu Huang\Desktop\confirmation_Kreuzfahrt.pdf
[2012/03/30 03:17:57 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/03/30 03:17:16 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unlimited Data Manager
[2012/03/22 07:13:51 | 485,866,299 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2012/03/15 12:48:02 | 000,224,823 | ---- | M] () -- D:\test.xml
[2012/03/15 02:38:44 | 000,480,224 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[1 D:\Users\Xu Huang\AppData\Roaming\*.tmp files -> D:\Users\Xu Huang\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/04/04 04:29:15 | 000,028,617 | ---- | C] () -- D:\Users\Xu Huang\Desktop\Airticket_ZRH_PVG.pdf
[2012/04/03 07:37:31 | 000,163,733 | ---- | C] () -- D:\Users\Xu Huang\Desktop\602.101_d_ED.pdf
[2012/03/31 04:56:41 | 000,015,257 | ---- | C] () -- D:\Users\Xu Huang\Desktop\Interrail Tickets Confirmation.pdf
[2012/03/31 04:44:00 | 000,068,717 | ---- | C] () -- D:\Users\Xu Huang\Desktop\confirmation_Kreuzfahrt.pdf
[2012/03/30 03:17:57 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/03/22 07:13:51 | 485,866,299 | ---- | C] () -- D:\Windows\MEMORY.DMP
[2012/03/01 10:42:06 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2012/02/14 09:56:22 | 000,000,118 | ---- | C] () -- D:\Windows\hexin.INI
[2011/12/22 20:38:18 | 001,143,170 | -H-- | C] () -- D:\Users\Xu Huang\AppData\Local\IconCache.db
[2011/11/19 16:07:56 | 000,000,891 | ---- | C] () -- D:\Windows\SysWow64\bdsecushr.dat
[2011/11/19 16:01:21 | 000,000,138 | ---- | C] () -- D:\Windows\vsfilter.INI
[2011/11/16 08:53:14 | 000,291,176 | ---- | C] () -- D:\Windows\SysWow64\kindling.dll
[2011/08/09 08:35:51 | 000,052,550 | ---- | C] () -- D:\Windows\SysWow64\uninst.exe
[2011/08/07 10:37:58 | 000,000,051 | ---- | C] () -- D:\Program Files (x86)\10jqkaweb.url
[2011/08/05 13:34:23 | 000,018,760 | ---- | C] () -- D:\Windows\SysWow64\QQVistaHelper.dll
[2011/08/05 03:13:04 | 000,077,824 | ---- | C] () -- D:\Windows\System_ejectcd.exe
[2011/08/05 03:13:04 | 000,036,864 | ---- | C] () -- D:\Windows\CardejectRun.exe
[2011/07/18 10:29:32 | 000,000,917 | ---- | C] () -- D:\Users\Xu Huang\AppData\Roaming\coreavc.ini
[2011/07/08 09:27:03 | 000,000,733 | ---- | C] () -- D:\Windows\hpntwksetup.ini
[2011/06/19 04:57:31 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2011/06/18 03:34:47 | 000,077,824 | ---- | C] () -- D:\Windows\KMService.exe
[2011/06/18 03:34:47 | 000,008,192 | ---- | C] () -- D:\Windows\SysWow64\srvany.exe
[2011/06/18 02:44:21 | 000,000,020 | ---- | C] () -- D:\Windows\SysWow64\pub_store.dat
[2011/06/17 13:11:17 | 000,000,256 | ---- | C] () -- D:\Users\Xu Huang\AppData\Roaming\01F0BF97591793
[2011/06/16 14:36:58 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2011/06/14 15:45:18 | 000,735,646 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/14 11:55:07 | 000,123,832 | ---- | C] () -- D:\Users\Xu Huang\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/06/13 16:21:09 | 000,051,270 | ---- | C] () -- D:\Users\Xu Huang\AppData\Roaming\room_v3.dat
[2011/05/13 02:56:30 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2011/05/13 02:46:50 | 000,002,975 | ---- | C] () -- D:\Windows\SysWow64\atipblup.dat
[2011/01/14 04:20:50 | 000,960,940 | ---- | C] () -- D:\Windows\SysWow64\igkrng600.bin
[2011/01/14 04:20:50 | 000,206,952 | ---- | C] () -- D:\Windows\SysWow64\igfcg600m.bin
[2011/01/14 04:20:50 | 000,145,804 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng600.bin
[2011/01/14 04:20:50 | 000,002,975 | ---- | C] () -- D:\Windows\SysWow64\atipblag.dat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/14 01:32:39 | 000,043,318 | ---- | C] () -- D:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2009/07/14 01:32:39 | 000,029,779 | ---- | C] () -- D:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:39 | 000,026,489 | ---- | C] () -- D:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:39 | 000,026,040 | ---- | C] () -- D:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:35:42 | 000,001,405 | ---- | C] () -- D:\Windows\msdfmap.ini
[2009/07/13 22:34:57 | 000,000,478 | ---- | C] () -- D:\Windows\win.ini
[2009/07/13 22:34:57 | 000,000,219 | ---- | C] () -- D:\Windows\system.ini
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:59:36 | 000,982,196 | ---- | C] () -- D:\Windows\SysWow64\igkrng500.bin
[2009/07/13 17:59:36 | 000,139,824 | ---- | C] () -- D:\Windows\SysWow64\igfcg500.bin
[2009/07/13 17:59:36 | 000,097,448 | ---- | C] () -- D:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 17:59:35 | 000,417,344 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2009/02/04 05:50:32 | 000,024,576 | ---- | C] () -- D:\Windows\SysWow64\nsis_loader.dll
 
========== LOP Check ==========
 
[2011/08/08 19:49:56 | 000,000,000 | ---D | M] -- D:\ProgramData\360safe
[2012/01/30 15:03:15 | 000,000,000 | ---D | M] -- D:\ProgramData\360SD
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/11/19 15:57:39 | 000,000,000 | ---D | M] -- D:\ProgramData\Baidu
[2011/06/14 11:54:21 | 000,000,000 | ---D | M] -- D:\ProgramData\BOINC
[2011/08/13 10:22:24 | 000,000,000 | ---D | M] -- D:\ProgramData\CCTV
[2011/05/13 02:38:22 | 000,000,000 | ---D | M] -- D:\ProgramData\DDNi
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/05/13 03:11:50 | 000,000,000 | ---D | M] -- D:\ProgramData\eSellerate
[2011/05/13 03:25:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Evernote
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2011/06/22 05:40:07 | 000,000,000 | ---D | M] -- D:\ProgramData\Fetion
[2011/10/23 10:10:38 | 000,000,000 | ---D | M] -- D:\ProgramData\Jlcm
[2012/03/30 03:18:41 | 000,000,000 | ---D | M] -- D:\ProgramData\Local
[2011/09/13 16:14:47 | 000,000,000 | ---D | M] -- D:\ProgramData\mquadr.at
[2011/07/17 11:55:36 | 000,000,000 | ---D | M] -- D:\ProgramData\Persist
[2011/06/14 15:44:02 | 000,000,000 | ---D | M] -- D:\ProgramData\PPLive
[2012/04/10 07:49:32 | 000,000,000 | ---D | M] -- D:\ProgramData\QvodPlayer
[2011/05/13 02:52:49 | 000,000,000 | ---D | M] -- D:\ProgramData\Roaming
[2011/05/13 03:12:39 | 000,000,000 | ---D | M] -- D:\ProgramData\SmartSound Software Inc
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2012/04/01 10:02:51 | 000,000,000 | ---D | M] -- D:\ProgramData\Storm
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/08/05 13:44:18 | 000,000,000 | ---D | M] -- D:\ProgramData\Tencent
[2011/06/18 02:43:45 | 000,000,000 | ---D | M] -- D:\ProgramData\Thunder Network
[2012/04/11 09:29:50 | 000,000,000 | ---D | M] -- D:\ProgramData\UDM
[2012/03/30 03:14:52 | 000,000,000 | ---D | M] -- D:\ProgramData\UDM_21168
[2011/06/15 15:46:27 | 000,000,000 | ---D | M] -- D:\ProgramData\VirtualizedApplications
[2012/04/01 10:07:24 | 000,000,000 | ---D | M] -- D:\ProgramData\WtDashboard
[2011/06/18 02:45:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Xunlei
[2011/05/13 02:38:23 | 000,000,000 | -H-D | M] -- D:\ProgramData\{2BD4D073-FF7E-46C6-B916-02F1AF376300}
[2011/08/28 14:19:21 | 000,000,000 | ---D | M] -- D:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/04/11 11:32:42 | 000,032,566 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012/04/11 18:35:30 | 000,000,292 | ---- | M] ()(D:\Windows\tasks\360????????????.job) -- D:\Windows\tasks\360开机加速延迟启动任务计划.job
[2012/04/10 04:23:32 | 000,000,000 | ---D | M](D:\Users\Xu Huang\Desktop\????????) -- D:\Users\Xu Huang\Desktop\证券从业资格考试
[2012/04/10 04:03:33 | 000,000,000 | ---D | M](D:\????????) -- D:\黄旭证书和成绩单
[2012/03/28 13:20:39 | 000,000,000 | ---D | M](D:\Users\Xu Huang\Documents\Outlook ??) -- D:\Users\Xu Huang\Documents\Outlook 文件
[2012/03/25 06:51:03 | 000,000,000 | ---D | C](D:\Users\Xu Huang\Desktop\????????) -- D:\Users\Xu Huang\Desktop\证券从业资格考试
[2012/03/08 03:12:16 | 000,001,907 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\快播.lnk
[2012/02/06 05:29:24 | 000,001,122 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??2012.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\飞信2012.lnk
[2012/02/06 05:29:24 | 000,001,122 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??2012.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\飞信2012.lnk
[2011/12/27 07:15:53 | 000,001,907 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\快播.lnk
[2011/12/07 06:27:56 | 000,001,209 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360软件管家.lnk
[2011/12/07 06:27:56 | 000,001,065 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360安全卫士.lnk
[2011/09/10 05:30:18 | 000,000,000 | ---D | C](D:\Users\Xu Huang\Documents\Outlook ??) -- D:\Users\Xu Huang\Documents\Outlook 文件
[2011/08/25 04:24:55 | 000,001,209 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360软件管家.lnk
[2011/08/25 04:24:55 | 000,001,065 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360安全卫士.lnk
[2011/08/08 03:39:28 | 000,000,000 | ---D | M](D:\Program Files (x86)\VS??????) -- D:\Program Files (x86)\VS竞技游戏平台
[2011/08/08 03:39:28 | 000,000,000 | ---D | M](D:\Program Files (x86)\VS??????) -- D:\Program Files (x86)\VS竞技游戏平台
[2011/08/08 03:39:26 | 000,001,001 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VS??????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VS竞技游戏平台.lnk
[2011/08/08 03:39:26 | 000,001,001 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VS??????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VS竞技游戏平台.lnk
[2011/08/08 03:39:25 | 000,000,977 | ---- | M] ()(D:\Users\boinc_master\Desktop\VS??????.lnk) -- D:\Users\boinc_master\Desktop\VS竞技游戏平台.lnk
[2011/08/08 03:39:25 | 000,000,977 | ---- | C] ()(D:\Users\boinc_master\Desktop\VS??????.lnk) -- D:\Users\boinc_master\Desktop\VS竞技游戏平台.lnk
[2011/08/07 11:07:32 | 000,001,072 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\浩方电竞平台.lnk
[2011/08/07 11:07:32 | 000,001,072 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\浩方电竞平台.lnk
[2011/08/07 10:37:58 | 000,001,945 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\???.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\同花顺.lnk
[2011/08/07 10:37:58 | 000,001,945 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\???.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\同花顺.lnk
[2011/08/07 10:37:55 | 000,001,921 | ---- | M] ()(D:\Users\Xu Huang\Desktop\???.lnk) -- D:\Users\Xu Huang\Desktop\同花顺.lnk
[2011/08/07 10:37:55 | 000,001,921 | ---- | C] ()(D:\Users\Xu Huang\Desktop\???.lnk) -- D:\Users\Xu Huang\Desktop\同花顺.lnk
[2011/08/07 10:37:43 | 000,000,000 | ---D | M](D:\Program Files (x86)\?????) -- D:\Program Files (x86)\同花顺软件
[2011/08/07 10:37:43 | 000,000,000 | ---D | M](D:\Program Files (x86)\?????) -- D:\Program Files (x86)\同花顺软件
[2011/08/05 13:34:55 | 000,002,197 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??QQ.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\腾讯QQ.lnk
[2011/08/05 13:34:55 | 000,002,197 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\??QQ.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\腾讯QQ.lnk
[2011/07/17 11:54:13 | 000,000,989 | ---- | M] ()(D:\Users\boinc_master\Desktop\????.lnk) -- D:\Users\boinc_master\Desktop\暴风影音.lnk
[2011/07/17 11:54:13 | 000,000,989 | ---- | C] ()(D:\Users\boinc_master\Desktop\????.lnk) -- D:\Users\boinc_master\Desktop\暴风影音.lnk
[2011/07/17 11:54:13 | 000,000,963 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\暴风影音.lnk
[2011/07/17 11:54:13 | 000,000,963 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\????.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\暴风影音.lnk
[2011/06/17 13:09:28 | 000,001,053 | ---- | M] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360??.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360压缩.lnk
[2011/06/17 13:09:28 | 000,001,053 | ---- | C] ()(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360??.lnk) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\360压缩.lnk
[2011/06/17 13:09:26 | 000,001,029 | ---- | M] ()(D:\Users\boinc_master\Desktop\360??.lnk) -- D:\Users\boinc_master\Desktop\360压缩.lnk
[2011/06/17 13:09:26 | 000,001,029 | ---- | C] ()(D:\Users\boinc_master\Desktop\360??.lnk) -- D:\Users\boinc_master\Desktop\360压缩.lnk
[2011/06/15 13:28:03 | 000,000,292 | ---- | C] ()(D:\Windows\tasks\360????????????.job) -- D:\Windows\tasks\360开机加速延迟启动任务计划.job
[2011/06/13 15:28:10 | 000,000,000 | -H-D | M](D:\?????) -- D:\萝萝文件夹
[2011/06/13 15:26:00 | 000,000,000 | ---D | M](D:\????) -- D:\照片集合
[2011/06/13 15:08:35 | 000,000,000 | ---D | M](D:\???) -- D:\法国游
[2011/06/13 15:03:23 | 000,000,000 | ---D | M](D:\??) -- D:\学习
[2009/10/25 18:38:11 | 000,000,000 | ---D | C](D:\???) -- D:\法国游
[2009/08/23 00:53:31 | 000,000,000 | ---D | C](D:\????) -- D:\照片集合
[2009/03/31 21:19:21 | 000,000,000 | ---D | C](D:\????????) -- D:\黄旭证书和成绩单
[2009/02/06 08:42:36 | 000,000,000 | -H-D | C](D:\?????) -- D:\萝萝文件夹
[2009/02/06 08:33:55 | 000,000,000 | ---D | C](D:\??) -- D:\学习
(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VS??????) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VS竞技游戏平台
(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360????) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360安全中心
(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360??) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360压缩
(D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????) -- D:\Users\Xu Huang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win7???????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win7防游戏花屏补丁
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VS??????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VS竞技游戏平台
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\360????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\360??) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\360压缩
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\11????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\11对战平台
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????????????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\中国银河证券股份有限公司
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\中国电信无线客户端
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\申银万国网上交易
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\???????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\同花顺独立委托
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\??????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\浩方电竞平台
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\??????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\中国移动飞信
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\迅雷软件
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\百度影音
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\暴风影音
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\快播软件
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\德邦证券
(D:\ProgramData\Microsoft\Windows\Start Menu\Programs\???) -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\同花顺
(D:\Program Files (x86)\VS??????) -- D:\Program Files (x86)\VS竞技游戏平台
(D:\Program Files (x86)\?????) -- D:\Program Files (x86)\同花顺软件
< End of report >

Alt 12.04.2012, 11:37   #2
markusg
/// Malware-holic
 
Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt - Standard

Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt


auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
ATTFilter
:OTL
O4 - HKU\Xu_Huang_ON_D..\Run: [lmfvMDBr3jNvGGM] D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe (cambi taceva)
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Xu_Huang_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O20 - HKU\Xu_Huang_ON_D Winlogon: Shell - (C:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe) - D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe (cambi
taceva)
O20 - HKU\Xu_Huang_ON_D Winlogon: UserInit - (C:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe) - D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe (cambi
taceva)
:Files
D:\Users\Xu Huang\AppData\Roaming\bstr55uhjzd.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]


dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.



falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!



Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________

__________________
Alt 12.04.2012, 17:02   #3
reyespeugeot
 
Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt - Standard

Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt


Danke. Ich habe es versucht. Aber ich habe Problem beim Hochladen von diesem Code. Ich möchte Button Fix klicken. Aber es geht nicht. Anstatt gibt es eine Warnung: Access violation at address 7CA0C936 in module shell32.dll. Read of address 00000006.

Was soll ich tun jetzt?

Danke dir noch einmal.
__________________
Alt 12.04.2012, 17:51   #4
markusg
/// Malware-holic
 
Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt - Standard

Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt


da steht ja, wenn es nicht klappt, fix manuell eintragen, also per hand
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt
adobe, autorun, bho, bildschirm, bonjour, computer, computern, defender, disabletaskmgr, download, error, explorer, fehler, file, firefox, format, home, igdpmd64.sys, launch, log file, logfile, paysafecard, plug-in, problem, realtek, registry, scan, sierra, software, starten, suche, tencent, version=1.0, weißer bildschirm warte verbindung hergestellt, wörter, zahlung


« S.M.A.R.T. HDD Virus eingefangen | SSL Fehler (Google Startseite)? »


Ähnliche Themen: Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt


  1. weißer Bildschirm Verbindung wird hergestellt bitte warten ...
    Log-Analyse und Auswertung - 18.06.2012 (13)
  2. Weißer Bildschirm - Verbindung wird hergestellt
    Log-Analyse und Auswertung - 03.06.2012 (6)
  3. Weißer Bildschirm warten Verbindung wird hergestellt
    Plagegeister aller Art und deren Bekämpfung - 30.05.2012 (1)
  4. Trojaner: weißer Bildschirm, Bitte warten sie wärend die Verbindung hergestellt wird.
    Plagegeister aller Art und deren Bekämpfung - 25.05.2012 (1)
  5. weißer bildschirm warte verbindung hergestellt
    Log-Analyse und Auswertung - 13.05.2012 (47)
  6. Weißer Bildschirm - Warten Sie während die Verbindung hergestellt wird.
    Log-Analyse und Auswertung - 13.05.2012 (3)
  7. Weißer Bildschirm -Warte Sie Verbindung wird hergestellt
    Log-Analyse und Auswertung - 12.05.2012 (13)
  8. Weißer Bildschirm - Verbindung wird hergestellt...
    Log-Analyse und Auswertung - 06.04.2012 (7)
  9. Weißer Bildschirm - Verbindung wird hergestellt
    Plagegeister aller Art und deren Bekämpfung - 03.04.2012 (1)
  10. Weißer Bildschirm warten Sie während die Verbindung hergestellt wird
    Alles rund um Windows - 01.04.2012 (3)
  11. Weißer Bildschirm, Verbindung wird hergestellt.
    Log-Analyse und Auswertung - 29.03.2012 (3)
  12. Weißer Bildschirm warten Sie während die Verbindung hergestellt wird
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (21)
  13. Weißer Bildschirm warten Verbindung wird hergestellt
    Plagegeister aller Art und deren Bekämpfung - 20.03.2012 (14)
  14. Weißer Bildschirm - Bitte warten Sie während die Verbindung hergestellt wird
    Log-Analyse und Auswertung - 20.03.2012 (6)
  15. Weißer bildschirm - Bitte warten, während die Verbindung hergestellt wird
    Plagegeister aller Art und deren Bekämpfung - 05.03.2012 (14)
  16. Weißer Bildschirm: Bitte Warten sie während die Verbindung mit dem Internet hergestellt wird
    Log-Analyse und Auswertung - 22.02.2012 (6)
  17. Weißer Bildschirm: Bitte Warten sie während die Verbindung mit dem Interent hergestellt wird
    Plagegeister aller Art und deren Bekämpfung - 21.02.2012 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt - Hallo zusammen! Habe seit gestern das Problem wie einige hier. Wenn ich meinen Rechner hochfahren will, erscheint ein weißer Bildschirm "Warten Sie während die Verbindung hergestellt wird". Dann werden Logo - Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt...
Archiv
Du betrachtest: Weißer Bildschirm (SUISA) -Warte Sie Verbindung wird hergestellt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58