
Pests of all kinds and how to combat them: Black screen + "lags", what to do


 
22.12.2011, 00:33   #1
Tencendur
 



Black screen & "lags"

Good evening,
since I can't definitively assign my problem to one "problem area", I hope you can help me nonetheless.

The problem began about 1 1/2 weeks ago in the form of a "frozen image" plus the BIOS sound (that beeping, continuous).
After restarting the computer, the monitor displayed a "No signal" message.
After swapping the monitor, the picture was at least displayed again for the time being.
However, that already revealed the next problem: the picture was displayed with severe errors. In addition, I could not set the color depth to more than 4 bit. The graphics card was not detected, and DirectX was supposedly not present. Otherwise the system worked smoothly.
I then cleaned the computer and replaced the graphics card. As hoped, the picture was displayed without errors, the graphics card was detected, and DirectX was present again.

Now to the current problem:
When the computer is started, the monitor switches after booting to a "black screen" in which the mouse can still be moved.
This lasts about 10 sec.; after that the startup proceeds normally. But already when the Windows logo is displayed, the desktop "hangs" for a short time.
Once I am logged in, every action is accompanied by delays. For lack of words I'll call that a "lag" for now.
The desktop is frozen and I can't do anything. Now and then this is also accompanied by the BIOS sound (continuous beeping). "Lags" last 2-20 sec. Movies, program launches, text input etc. are difficult to impossible because of these delays. I hope the anamnesis helps for a start...

System information:
Windows Vista Home Premium 32bit / SP2
Motherboard ID: 07/17/2007-SiS-671-2A7IGG01C-00
Motherboard manufacturer: PACKARD BELL BV GA-T671MG
CPU name: Intel Core 2 Duo CPU E4500 2.20GHz
Graphics card: GeForce GT 520
Driver: nvd3dum (8.17.12.7533), nvwgf2um, nvwgf2um
2 GB RAM

Um, yes, if you need any further info just say so, I'll do my best.

I have already gathered some info on the internet and then downloaded/ran the following:
Ad-Aware, Avira, SpyBot, Malwarebytes' Anti-Malware, CPU Stable Test, Wise Registry Cleaner, Memtest (not yet run), HiJackThis, RSIT, Defogger, OTL.
I'll attach the logs right away.

Hoping for a quick reply.

Mr.Tencendur

Hm... curiously I can't attach any files because I'm not logged in -.- ... No matter how often I log in, the login window just keeps reloading... I'll keep trying.

Just noticed that I am supposed to post the OTL.txt file directly here. OTL Logfile:
Code:
OTL logfile created on: 21.12.2011 22:45:41 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\***\Desktop\SystemControl
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 62,10% Memory free
4,23 Gb Paging File | 3,39 Gb Available in Paging File | 80,17% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,09 Gb Total Space | 18,24 Gb Free Space | 6,29% Space Free | Partition Type: NTFS
Drive G: | 20,49 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.21 22:33:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\SystemControl\OTL.exe
PRC - [2011.12.15 20:06:44 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.7\ICQ.exe
PRC - [2011.07.15 11:19:17 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.25 08:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.05.25 08:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.05.25 08:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.04 14:40:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.11 08:57:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.23 12:08:48 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2010.05.08 12:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010.05.08 12:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.02 22:32:51 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2009.04.11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007.05.10 16:10:00 | 004,468,736 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.03.29 14:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.02.27 15:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.10.28 19:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.07.15 11:19:17 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.25 08:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.04 14:40:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.23 12:08:48 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.09.23 12:08:45 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.22 21:30:44 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.05.08 12:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2009.04.27 13:21:36 | 000,028,928 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.28 19:35:26 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011.07.15 11:19:20 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.15 11:19:20 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.25 08:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.09.22 20:35:47 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.07.05 13:17:50 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\PzWDM.sys -- (PzWDM)
DRV - [2010.04.09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.03.20 10:28:12 | 000,116,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.06.22 18:17:20 | 000,103,680 | ---- | M] (C-motech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cm_ser.sys -- (cm_ser)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007.01.23 10:01:00 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
 
 
[2010.08.10 13:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.12.17 04:17:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\d066qnlp.default\extensions
[2008.04.23 18:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\d066qnlp.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.12.15 20:11:15 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\d066qnlp.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.17 04:17:32 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\d066qnlp.default\extensions\plugin@yontoo.com
[2008.04.23 18:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\d066qnlp.default\extensions\TEMP
[2011.11.12 00:52:02 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\d066qnlp.default\extensions\welcome@toolmin.com
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\d066qnlp.default\searchplugins\icqplugin.xml
[2008.04.25 23:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008.04.23 05:15:39 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\PACKARDBELL@PARTNERS.MOZILLA.COM
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG
[2006.11.09 14:20:40 | 002,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
 
O1 HOSTS File: ([2011.05.21 19:11:47 | 000,419,912 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 14490 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-974869382-2840092170-1439893959-1002..\Run: [ICQ] C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-974869382-2840092170-1439893959-1002..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-974869382-2840092170-1439893959-1002..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-974869382-2840092170-1439893959-1005..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-974869382-2840092170-1439893959-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E86F415-C3A2-455A-A5CC-DF4AC4F6B014}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59E6236C-16CB-4123-BF94-C8B796D681CC}: DhcpNameServer = 193.189.244.225 193.189.244.206
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\Desktop\All in one\Bilddaz,Picz\PICT0001.JPG
O24 - Desktop BackupWallPaper: C:\Users\***\Desktop\All in one\Bilddaz,Picz\PICT0001.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.10.17 13:11:37 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2010.05.08 20:48:36 | 000,126,976 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.03.10 01:34:52 | 000,000,047 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0c0bffb0-6023-11de-aa2e-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0bffb0-6023-11de-aa2e-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{13768b13-2968-11e0-94d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13768b13-2968-11e0-94d8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{13768b7a-2968-11e0-94d8-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{13768b7a-2968-11e0-94d8-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{14754a21-2a75-11e1-bc50-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{14754a21-2a75-11e1-bc50-001a4ddcbf24}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2010.05.08 20:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{2012c120-c682-11df-a6d4-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{2012c120-c682-11df-a6d4-001a4ddcbf24}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2010.05.08 20:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{20166a92-dd3c-11df-ad74-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{20166a92-dd3c-11df-ad74-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{20166aab-dd3c-11df-ad74-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{20166aab-dd3c-11df-ad74-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{25a4f93e-2969-11e0-bba8-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{25a4f93e-2969-11e0-bba8-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{25a4f969-2969-11e0-bba8-001e101fb681}\Shell - "" = AutoRun
O33 - MountPoints2\{25a4f969-2969-11e0-bba8-001e101fb681}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{25f5a8f6-9432-11df-ad51-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{25f5a8f6-9432-11df-ad51-001a4ddcbf24}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{293597f3-5463-11e0-91c3-001e101fe5e1}\Shell - "" = AutoRun
O33 - MountPoints2\{293597f3-5463-11e0-91c3-001e101fe5e1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4a9b08dd-2971-11e0-bc76-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{4a9b08dd-2971-11e0-bc76-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{59caa7f0-3129-11e0-8609-001e101f9743}\Shell - "" = AutoRun
O33 - MountPoints2\{59caa7f0-3129-11e0-8609-001e101f9743}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{60424ec3-5f4d-11de-933b-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{60424ec3-5f4d-11de-933b-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{60424f0d-5f4d-11de-933b-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{60424f0d-5f4d-11de-933b-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{64ba5e91-6f12-11e0-81a6-001e101f0f46}\Shell - "" = AutoRun
O33 - MountPoints2\{64ba5e91-6f12-11e0-81a6-001e101f0f46}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6ee3536d-4b7e-11dd-b3df-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{6ee3536d-4b7e-11dd-b3df-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{71cf97f3-e055-11df-ae7e-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{71cf97f3-e055-11df-ae7e-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{71cf9836-e055-11df-ae7e-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{71cf9836-e055-11df-ae7e-001e101f8aaa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7ba3d2df-0d13-11e0-8370-001e101f859f}\Shell - "" = AutoRun
O33 - MountPoints2\{7ba3d2df-0d13-11e0-8370-001e101f859f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{82023bc2-10ee-11dd-96c6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{82023bc2-10ee-11dd-96c6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autoplay.exe
O33 - MountPoints2\{94ba9646-10f3-11dd-b740-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{94ba9646-10f3-11dd-b740-001a4ddcbf24}\Shell\AutoRun\command - "" = J:\StartVMCLite.exe
O33 - MountPoints2\{94ba964d-10f3-11dd-b740-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{94ba964d-10f3-11dd-b740-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{9f659e65-3217-11e0-a044-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\{9f659e65-3217-11e0-a044-001e101f82a7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bea039e2-f50c-11df-8cbe-001e101f82a0}\Shell - "" = AutoRun
O33 - MountPoints2\{bea039e2-f50c-11df-8cbe-001e101f82a0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c8ec4f0c-4df2-11dd-b643-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{c8ec4f0c-4df2-11dd-b643-001a4ddcbf24}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{cc5b4193-6e53-11e0-8e8b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc5b4193-6e53-11e0-8e8b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ccb0ae2d-2a7b-11e1-8c51-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{ccb0ae2d-2a7b-11e1-8c51-001a4ddcbf24}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2010.05.08 20:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{de6263c2-1f5b-11e1-86af-001a4ddcbf24}\Shell - "" = AutoRun
O33 - MountPoints2\{de6263c2-1f5b-11e1-86af-001a4ddcbf24}\Shell\AutoRun\command - "" = Iomega Encryption Utility.exe
O33 - MountPoints2\{f814b44e-606b-11e0-bc16-001e101f50a4}\Shell - "" = AutoRun
O33 - MountPoints2\{f814b44e-606b-11e0-bc16-001e101f50a4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Installer.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.19 21:00:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macrovision
[2011.12.19 20:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
[2011.12.19 20:15:03 | 000,069,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2011.12.19 20:15:03 | 000,063,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2011.12.19 20:15:03 | 000,046,336 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2011.12.19 20:15:03 | 000,025,088 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2011.12.19 20:14:56 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2011.12.19 20:14:56 | 000,116,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011.12.19 20:14:56 | 000,105,984 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011.12.19 20:14:56 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011.12.19 20:14:56 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2011.12.19 20:14:48 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2011.12.18 03:17:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc
[2011.12.17 17:22:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Wise Registry Cleaner
[2011.12.17 17:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2011.12.17 17:10:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\PackageAware
[2011.12.17 06:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.17 06:33:40 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.17 04:20:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.12.17 04:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.17 04:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.17 04:18:54 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.17 04:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime
[2011.12.17 04:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011.12.17 04:14:00 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\***\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.17 02:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.12.17 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\SystemControl
[2011.12.16 21:05:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia
[2011.12.16 05:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2011.12.16 02:51:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.12.16 02:51:25 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2011.12.16 02:51:25 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2011.12.16 02:51:13 | 003,693,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2011.12.16 02:51:13 | 002,557,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2011.12.16 02:51:13 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2011.12.16 02:51:09 | 000,543,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll
[2011.12.16 02:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.12.16 02:44:32 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.12.16 02:44:31 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011.12.16 02:44:31 | 010,589,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011.12.16 02:44:31 | 006,555,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2011.12.16 02:44:31 | 000,899,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220150.dll
[2011.12.16 02:44:31 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322090.dll
[2011.12.16 02:44:30 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011.12.16 02:44:30 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2011.12.16 02:44:30 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011.12.16 02:44:30 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011.12.16 02:44:30 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011.12.16 02:44:29 | 002,335,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2011.12.16 02:44:29 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2011.12.16 01:52:28 | 000,000,000 | ---D | C] -- C:\MFT 3777
[2011.12.15 20:40:40 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.12.15 20:11:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.7
[2011.12.15 20:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.7
[2011.12.15 06:18:15 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011.12.15 05:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011.12.15 05:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011.12.15 05:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011.12.14 19:17:02 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.14 17:56:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.14 17:56:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.14 17:56:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.14 17:56:48 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.14 17:56:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.14 17:56:41 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.14 17:49:44 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.12.14 17:49:42 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.12.14 17:49:39 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.12.14 17:49:39 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.12.14 17:49:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.12.14 17:49:18 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.12.14 17:08:44 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.12.14 17:08:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.12.14 17:08:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.12.14 17:08:43 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.12.14 17:08:43 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.12.14 17:08:43 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.12.14 17:08:42 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.12.14 17:08:42 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.12.14 17:08:41 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011.12.14 17:08:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011.12.14 17:08:41 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011.12.14 17:08:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.12.13 21:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSI Afterburner
[2011.12.13 21:13:23 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll
[2011.12.13 21:13:20 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll
[2011.12.11 21:10:02 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.12.11 00:19:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.12.11 00:19:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.12.11 00:19:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.12.11 00:19:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.12.11 00:19:43 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.12.11 00:19:43 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.12.11 00:19:43 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.11 00:19:43 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.12.11 00:19:43 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.12.11 00:19:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.12.11 00:19:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.12.11 00:19:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.12.11 00:19:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.12.11 00:19:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.12.11 00:19:42 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.11 00:19:42 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.11 00:19:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.12.11 00:19:42 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.12.11 00:19:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.12.11 00:19:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.12.11 00:19:42 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.12.11 00:19:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.11 00:19:41 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.12.11 00:19:41 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.12.11 00:19:41 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.12.11 00:19:41 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.11 00:19:41 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.12.11 00:19:41 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.12.11 00:19:41 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.11 00:19:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.12.11 00:19:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.11 00:18:44 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.12.11 00:18:44 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.12.11 00:18:44 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.12.11 00:18:44 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.12.11 00:18:43 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.12.11 00:18:43 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.12.11 00:18:43 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.12.11 00:18:41 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.12.11 00:18:41 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.12.11 00:18:41 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.12.11 00:18:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.12.11 00:18:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.11.25 18:28:21 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\PALIM PALIM
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.21 23:00:03 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2011.12.21 22:50:57 | 007,551,736 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.21 22:50:57 | 002,699,728 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.21 22:50:57 | 002,338,372 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.21 22:50:57 | 002,116,380 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.21 22:40:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 22:40:50 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 22:39:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.21 22:38:55 | 000,000,020 | ---- | M] () -- C:\Users\***\defogger_reenable
[2011.12.19 20:32:33 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2011.12.19 20:15:40 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2011.12.17 04:15:47 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\***\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.17 02:49:25 | 000,000,726 | ---- | M] () -- C:\Users\***\Desktop\EVEREST Home Edition.lnk
[2011.12.16 05:06:28 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
[2011.12.15 20:11:57 | 000,001,572 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.7.lnk
[2011.12.15 06:18:14 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011.12.15 06:17:44 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2011.12.15 04:55:59 | 000,001,100 | ---- | M] () -- C:\Users\***\AppData\Local\d3d8caps.dat
[2011.12.14 18:08:18 | 002,346,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.14 18:02:04 | 000,184,320 | -H-- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.11 22:59:51 | 000,001,594 | ---- | M] () -- C:\Users\***\Desktop\config.ini
[2011.12.11 00:19:50 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.12.11 00:19:50 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.12.11 00:19:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.12.11 00:19:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.12.11 00:19:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.12.11 00:19:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.12.11 00:19:43 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.12.11 00:19:43 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.12.11 00:19:43 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.11 00:19:43 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.12.11 00:19:43 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.12.11 00:19:43 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.12.11 00:19:43 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.12.11 00:19:43 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.12.11 00:19:43 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.12.11 00:19:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.12.11 00:19:43 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.12.11 00:19:42 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.11 00:19:42 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.11 00:19:42 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.12.11 00:19:42 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.12.11 00:19:42 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.12.11 00:19:42 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.12.11 00:19:42 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.12.11 00:19:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.11 00:19:41 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.12.11 00:19:41 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.12.11 00:19:41 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.12.11 00:19:41 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.11 00:19:41 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.12.11 00:19:41 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.12.11 00:19:41 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.11 00:19:41 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.12.11 00:19:41 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.11 00:18:44 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.12.11 00:18:44 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.12.11 00:18:44 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.12.11 00:18:44 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.12.11 00:18:43 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.12.11 00:18:43 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.12.11 00:18:43 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.12.11 00:18:41 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.12.11 00:18:41 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.12.11 00:18:41 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.12.11 00:18:41 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.12.11 00:18:41 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.11.27 14:28:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2011.11.26 16:20:09 | 000,001,940 | ---- | M] () -- C:\Users\***\Desktop\Spybot - Search & Destroy.lnk
[2011.11.23 14:37:27 | 002,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.21 22:37:21 | 000,000,020 | ---- | C] () -- C:\Users\***\defogger_reenable
[2011.12.19 20:15:40 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2011.12.17 02:49:25 | 000,000,726 | ---- | C] () -- C:\Users\***\Desktop\EVEREST Home Edition.lnk
[2011.12.16 05:04:09 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
[2011.12.16 02:44:31 | 000,004,364 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2011.12.15 20:11:57 | 000,001,572 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.7.lnk
[2011.12.15 13:44:20 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011.12.11 22:59:51 | 000,001,594 | ---- | C] () -- C:\Users\***\Desktop\config.ini
[2011.12.11 00:29:59 | 000,000,912 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.11 00:19:43 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.11.26 16:20:09 | 000,001,940 | ---- | C] () -- C:\Users\***\Desktop\Spybot - Search & Destroy.lnk
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.05.10 03:00:19 | 000,000,610 | ---- | C] () -- C:\Windows\System32\wun32.dll
[2010.11.01 07:01:35 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2010.10.21 19:18:56 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2010.09.23 11:34:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.09.23 11:34:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.07.05 13:17:47 | 000,091,923 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.07.05 13:17:47 | 000,076,956 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.07.05 13:17:47 | 000,039,121 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.07.05 13:17:47 | 000,027,965 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_JP.dat
[2009.06.22 18:57:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\WoW-3.0.3.9183-to-3.0.8.9464-deDE-patch.exe.part
[2009.06.22 18:57:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\WoW-3.0.8.9464-to-3.0.8.9506-deDE-patch.exe.part
[2009.04.23 03:25:55 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2008.11.11 07:03:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.06 21:35:22 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2008.07.06 21:35:22 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2008.07.06 21:35:22 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2008.06.27 00:45:54 | 000,001,100 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat
[2008.05.25 21:06:37 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2008.05.09 02:36:50 | 000,000,442 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.04.23 18:25:30 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2008.04.23 18:13:09 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.04.23 14:36:10 | 007,551,736 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.23 14:36:10 | 002,338,372 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.23 14:36:10 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.23 14:36:10 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.23 08:27:22 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2008.04.23 06:06:26 | 000,184,320 | -H-- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.23 05:52:18 | 000,000,094 | -H-- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2007.02.13 08:48:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 002,346,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 002,699,728 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 002,116,380 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1999.04.30 01:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

< End of report >
         
--- --- ---

Edited by Tencendur (22.12.2011 at 00:59)

 
