Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Blackscreen nach Boot

Blackscreen nach Boot


Plagegeister aller Art und deren Bekämpfung: Blackscreen nach Boot

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 06.04.2013, 16:37   #1
Unreality
 
Blackscreen nach Boot - Standard

Blackscreen nach Boot


Hallo zusammen,

habe vorhin mein Notebook gestartet, Anfrage zur Systemüberprüfung beim Boot durchgeführt, seitdem Blackscreen nach dem Login + weißer Mauszeiger.

Malwarebytes hat im abgesicherten Modus nichts ergeben.

Taskmanager lässt sich im normalen Modus nicht aufrufen, Fehlermeldung:

"Die Anwendung konnte nicht korrekt gestartet werden (0xc0000022).
Klicken sie auf "OK", um die Anwendung zu schließen"

Code:
ATTFilter
OTL logfile created on: 06.04.2013 16:52:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 72,18% Memory free
7,71 Gb Paging File | 6,79 Gb Available in Paging File | 88,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 56,58 Gb Free Space | 48,60% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 214,24 Gb Free Space | 64,96% Space Free | Partition Type: NTFS
Drive F: | 7,46 Gb Total Space | 7,13 Gb Free Space | 95,58% Space Free | Partition Type: FAT32
 
Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.06 15:08:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012.12.14 16:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.10.18 00:54:38 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.08.11 14:01:06 | 004,018,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files\OO Software\DiskImage\oodiag.exe -- (OO DiskImage)
SRV:64bit: - [2009.12.08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Stopped] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.11.27 05:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.11.11 10:29:13 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.08.06 23:17:46 | 000,118,672 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013.03.31 16:31:39 | 000,968,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013.03.21 22:51:22 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.21 22:39:04 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.06 10:59:12 | 002,569,168 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013.02.28 00:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.02.19 05:02:02 | 001,418,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013.02.19 05:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.08.23 12:31:24 | 002,148,216 | ---- | M] (AVG) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Stopped] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.27 05:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe -- (STacSV)
SRV - [2009.11.10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.10.01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.31 16:31:39 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.02.27 00:40:46 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013.02.14 04:52:46 | 000,239,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013.02.08 05:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013.02.08 05:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013.02.08 05:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013.02.08 05:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013.02.08 05:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.09.04 11:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.08.11 14:02:36 | 000,043,600 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodivdh.sys -- (oodivdh)
DRV:64bit: - [2010.08.11 14:02:34 | 000,215,120 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodivd.sys -- (oodivd)
DRV:64bit: - [2010.08.11 14:02:32 | 000,040,016 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodisrh.sys -- (oodisrh)
DRV:64bit: - [2010.08.11 14:02:30 | 000,117,328 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodisr.sys -- (oodisr)
DRV:64bit: - [2009.11.27 05:39:45 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.11.13 11:47:35 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.11.11 11:02:11 | 006,104,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.10.26 06:39:43 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.30 03:34:31 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.12 05:38:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.08.06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008.12.08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.03.12 15:26:00 | 000,106,496 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\STK02NW2.sys -- (DCamUSBSTK02N)
DRV - [2012.07.04 16:26:12 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.02.24 20:14:22 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/09/16 18:48:01] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2007.03.12 15:25:00 | 000,101,520 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\STK02NW2.sys -- (DCamUSBSTK02N)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=08104E5D600379BF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=08104E5D600379BF
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=ASUBDF&PC=MAAU&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=08104E5D600379BF
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid=&mid=807c76d844b547d0a623f18676bb741a-135112108420ea05a3ce03c3a4778c09d1be0864&lang=de&ds=AVG&pr=fr&d=&v=&pid=AVG&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=08104E5D600379BF"
FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11222.992
FF - prefs.js..extensions.enabledAddons: %7B0F827075-B026-42F3-885D-98981EE7B1AE%7D:2.6.1125.80
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.2.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.03.31 16:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.21 22:39:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.21 22:38:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013.03.21 22:41:35 | 000,000,000 | ---D | M]
 
[2011.01.18 17:41:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2013.03.21 22:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\28bu7e8y.default\extensions
[2013.03.21 22:41:16 | 000,000,000 | ---D | M] (DealPly Shopping) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\28bu7e8y.default\extensions\amo@dealplyshopping.com
[2011.12.16 20:38:26 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\28bu7e8y.default\extensions\DefaultManager@Microsoft
[2013.03.21 22:41:27 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\28bu7e8y.default\extensions\ffxtlbr@delta.com
[2013.03.21 22:41:28 | 000,001,294 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\28bu7e8y.default\searchplugins\delta.xml
[2013.03.21 22:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.21 22:38:56 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013.03.31 16:33:05 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.2.0.1
[2013.03.21 22:41:35 | 000,000,000 | ---D | M] (BrowserProtect) -- C:\PROGRAMDATA\BROWSERPROTECT\2.6.1125.80\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
[2013.03.21 22:39:05 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.07 15:27:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.11.29 11:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.31 16:33:11 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.03.21 22:41:22 | 000,006,468 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.11.29 11:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 11:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 11:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 11:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 11:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=08104E5D600379BF
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (DealPly) - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45474191-24C0-48B8-B758-A8C1EC2871EF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8122EAAC-913C-4C01-93A7-B56714E62B4A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99985665-B2C2-4B1E-9D0F-7AB091686B92}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.17 22:33:55 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{c5588729-1d96-11e0-843c-20cf305f9de9}\Shell - "" = AutoRun
O33 - MountPoints2\{c5588729-1d96-11e0-843c-20cf305f9de9}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.06 15:33:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes
[2013.04.06 15:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.06 15:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.06 15:33:28 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.06 15:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.06 15:33:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Programs
[2013.04.06 15:19:21 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.04.06 14:18:11 | 000,000,000 | -HSD | C] -- C:\found.000
[2013.04.05 15:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.03.29 23:01:41 | 000,035,192 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe
[2013.03.29 23:01:41 | 000,026,488 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll
[2013.03.29 23:01:41 | 000,021,880 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll
[2013.03.29 23:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
[2013.03.29 23:01:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVG
[2013.03.29 23:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013.03.29 23:00:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013.03.29 22:23:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\AVG Secure Search
[2013.03.29 22:23:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013.03.29 22:23:14 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.03.29 22:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013.03.29 22:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013.03.26 20:57:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.26 20:41:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.03.26 20:41:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.03.25 22:00:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\vlc
[2013.03.25 22:00:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.25 22:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.03.24 15:40:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\mh-software
[2013.03.24 15:39:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mh-software
[2013.03.24 15:38:55 | 001,827,896 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\actrpt2.dll
[2013.03.24 15:38:55 | 001,204,872 | ---- | C] (gdpicture.com) -- C:\Windows\SysWow64\gdimagebox2.ocx
[2013.03.24 15:38:55 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013.03.24 15:38:55 | 000,609,336 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\ARVIEW2.OCX
[2013.03.24 15:38:55 | 000,551,992 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\htmlexpt.dll
[2013.03.24 15:38:55 | 000,540,672 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pesgo32b.ocx
[2013.03.24 15:38:55 | 000,532,480 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pego32b.ocx
[2013.03.24 15:38:55 | 000,471,040 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pe3do32b.ocx
[2013.03.24 15:38:55 | 000,466,944 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pepso32b.ocx
[2013.03.24 15:38:55 | 000,409,600 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pesgo32a.ocx
[2013.03.24 15:38:55 | 000,405,504 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pego32a.ocx
[2013.03.24 15:38:55 | 000,397,312 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pepco32b.ocx
[2013.03.24 15:38:55 | 000,376,832 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pe3do32a.ocx
[2013.03.24 15:38:55 | 000,375,864 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\pdfexpt.dll
[2013.03.24 15:38:55 | 000,362,576 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\ActBar.ocx
[2013.03.24 15:38:55 | 000,355,384 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\exclexpt.dll
[2013.03.24 15:38:55 | 000,335,872 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pepco32a.ocx
[2013.03.24 15:38:55 | 000,253,952 | ---- | C] (Inner Media, Inc.) -- C:\Windows\SysWow64\dzactx.dll
[2013.03.24 15:38:55 | 000,229,376 | ---- | C] (Inner Media, Inc.) -- C:\Windows\SysWow64\duzactx.dll
[2013.03.24 15:38:55 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX
[2013.03.24 15:38:55 | 000,207,928 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\rtfexpt.dll
[2013.03.24 15:38:55 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2013.03.24 15:38:55 | 000,130,104 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\textexpt.dll
[2013.03.24 15:38:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2013.03.24 15:38:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2013.03.24 15:38:54 | 002,411,008 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\PEGRP32B.DLL
[2013.03.24 15:38:54 | 001,427,456 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pegrp32a.dll
[2013.03.24 15:38:53 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mfc42loc.dll
[2013.03.24 15:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mh-software shared
[2013.03.24 15:38:12 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2013.03.24 15:38:12 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2013.03.24 15:38:12 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5DB.DLL
[2013.03.24 15:37:05 | 000,000,000 | ---D | C] -- C:\Berechnungen
[2013.03.21 22:42:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\Qtrax
[2013.03.21 22:42:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTRAX
[2013.03.21 22:41:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.03.21 22:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.03.21 22:41:30 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\BabSolution
[2013.03.21 22:41:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013.03.21 22:41:26 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Delta
[2013.03.21 22:41:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\PC Speed Maximizer
[2013.03.21 22:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2013.03.21 22:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Speed Maximizer
[2013.03.21 22:41:20 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\DealPly
[2013.03.21 22:41:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
[2013.03.21 22:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly
[2013.03.21 22:41:12 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Babylon
[2013.03.21 22:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.03.21 22:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.19 23:54:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Macromedia
[2013.03.19 22:14:08 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.19 22:14:08 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.19 22:14:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.03.17 15:18:22 | 000,106,496 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysNative\drivers\STK02NW2.sys
[2013.03.17 15:18:22 | 000,101,520 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK02NW2.sys
[2013.03.17 15:18:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\STK02NP.ax
[2013.03.17 15:18:22 | 000,033,728 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK02NW1.sys
[2013.03.17 15:18:22 | 000,028,416 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysNative\drivers\STK02NW1.sys
[2013.03.17 15:18:21 | 000,000,000 | ---D | C] -- C:\Windows\STK02N
[2013.03.17 15:17:46 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\InstallShield
[2013.03.15 12:09:06 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.15 12:09:06 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.15 12:09:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.15 12:09:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.15 12:09:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.15 12:09:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.15 12:09:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.15 12:09:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.15 12:09:04 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.15 12:09:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.15 12:09:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.15 12:09:04 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.15 12:09:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.15 12:09:03 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.15 12:09:03 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.15 12:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.14 20:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.14 20:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.06 15:54:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 15:54:30 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 15:53:46 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.06 14:47:03 | 002,653,550 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.06 14:47:03 | 001,392,694 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.06 14:47:03 | 000,793,498 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.06 14:47:03 | 000,402,544 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2013.04.06 14:47:03 | 000,374,426 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013.04.06 14:47:03 | 000,252,008 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2013.04.06 14:47:03 | 000,062,698 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2013.04.06 14:47:03 | 000,053,986 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013.04.06 14:47:03 | 000,046,144 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2013.04.06 14:47:03 | 000,030,700 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013.04.06 14:47:03 | 000,030,472 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013.04.06 14:47:03 | 000,029,924 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013.04.06 14:47:03 | 000,029,170 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2013.04.06 14:47:03 | 000,027,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.06 14:47:03 | 000,017,460 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013.04.06 14:47:03 | 000,016,518 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013.04.06 14:47:03 | 000,016,222 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013.04.06 14:47:03 | 000,016,164 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2013.04.06 14:47:03 | 000,013,980 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013.04.06 14:47:03 | 000,013,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.06 14:47:03 | 000,013,334 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013.04.06 14:33:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 14:33:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 14:28:35 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat
[2013.04.05 15:37:24 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.04.04 22:34:50 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.04 22:34:50 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.02 13:18:50 | 000,001,536 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.03.31 16:31:39 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.03.30 18:57:29 | 000,002,082 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.03.29 23:12:53 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2013.03.29 23:01:25 | 000,002,227 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
[2013.03.29 23:01:25 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp.lnk
[2013.03.26 07:48:47 | 000,001,021 | ---- | M] () -- C:\Users\Chris\Desktop\Dropbox.lnk
[2013.03.25 22:00:32 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.24 15:39:40 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\mh-Viewer.lnk
[2013.03.24 15:39:40 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\mh-software.lnk
[2013.03.21 22:51:21 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.21 22:51:21 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.19 22:14:58 | 000,002,257 | ---- | M] () -- C:\Users\Chris\Desktop\Internetbrowser.lnk
 
========== Files Created - No Company Name ==========
 
[2013.04.06 14:28:35 | 000,003,352 | ---- | C] () -- C:\bootsqm.dat
[2013.03.29 23:01:25 | 000,002,227 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
[2013.03.29 23:01:25 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp.lnk
[2013.03.29 23:01:24 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
[2013.03.25 22:00:32 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.24 15:39:40 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\mh-Viewer.lnk
[2013.03.24 15:39:40 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\mh-software.lnk
[2013.03.24 15:39:05 | 000,000,696 | ---- | C] () -- C:\Windows\SysWow64\jetodbc.rsp
[2013.03.24 15:38:54 | 000,450,560 | ---- | C] () -- C:\Windows\SysWow64\PEGRC32B.dll
[2013.03.24 15:38:54 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\PEGRC32A.dll
[2013.03.24 15:38:52 | 019,046,912 | ---- | C] () -- C:\Windows\SysWow64\Mh3dGlob10.dll
[2013.03.24 15:38:51 | 001,283,072 | ---- | C] () -- C:\Windows\SysWow64\MhCglobal10.dll
[2013.03.21 22:42:15 | 000,002,385 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
[2013.03.19 22:14:10 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011.12.14 00:29:07 | 000,000,000 | ---- | C] () -- C:\Users\Chris\AppData\Local\{43BDCD5B-9FA8-4D4C-81D0-542B03A53EC7}
[2011.10.18 00:55:32 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.07.02 20:50:08 | 000,608,792 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2010.09.17 03:58:59 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A724744F

< End of report >

 

Themen zu Blackscreen nach Boot
adobe, avg, avg secure search, avg security toolbar, bho, bingbar, browserprotect.dll, cid, dealply, defender, explorer, fehlermeldung, firefox, flash player, format, frage, helper, home, logfile, mozilla, object, plug-in, registry, scan, schließen, secure search, security, software, stick, systemüberprüfung, temp, vtoolbarupdater, windows


« Schadesoftware auf virtuellen Server bei Host Europe während Reise in Asien | Sperrbildschirm, Ukash 100€, kein Taskmngr, Abgesicherter Modus fährt sofort runter »


Ähnliche Themen: Blackscreen nach Boot


  1. Windows 10 bootet nicht (Reboot and select proper boot device or insert boot media in selected boot device and press a key)
    Alles rund um Windows - 18.10.2015 (4)
  2. Blackscreen nach dem Einloggen
    Log-Analyse und Auswertung - 29.04.2015 (18)
  3. Windows 7 nach Start Blackscreen, keine Taskleiste , kein desktop NUR Arbeitsplatz offen
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (3)
  4. BlackScreen nach Windows 8 Update
    Alles rund um Windows - 15.11.2014 (10)
  5. Blackscreen mit beweglicher Maus nach Systemstart
    Alles rund um Windows - 20.10.2014 (2)
  6. Blackscreen beim boot
    Alles rund um Windows - 24.02.2014 (6)
  7. Weißer Bildschirm kurz nach Boot
    Log-Analyse und Auswertung - 03.10.2013 (9)
  8. Blackscreen nach "Windowszeichen"
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (16)
  9. Windows 7 32Bit, Nach Grafiktreiber-Installation Blackscreen-Computer startet neu
    Alles rund um Windows - 04.04.2013 (7)
  10. Boot-Probleme Win 7 nach TR/Rootkit.Gen
    Plagegeister aller Art und deren Bekämpfung - 08.03.2012 (2)
  11. Nach Boot, Bildschirm mit Bezahlbutton
    Plagegeister aller Art und deren Bekämpfung - 16.01.2012 (3)
  12. Blackscreen nach Win7-Bootvorgang
    Alles rund um Windows - 17.11.2011 (11)
  13. Nach Trojanner (HackerAngriff) BOOT.mgr probleme
    Alles rund um Windows - 13.07.2011 (73)
  14. System sauber nach resycled\boot.com ?
    Mülltonne - 02.12.2008 (0)
  15. nach Boot > restart
    Plagegeister aller Art und deren Bekämpfung - 01.11.2008 (12)
  16. Nach Virenentfernung "Blackscreen"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2008 (2)
  17. Arbeitsplatz + Explorer stürzen nach dem Boot ab
    Alles rund um Windows - 01.03.2007 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Blackscreen nach Boot - Hallo zusammen, habe vorhin mein Notebook gestartet, Anfrage zur Systemüberprüfung beim Boot durchgeführt, seitdem Blackscreen nach dem Login + weißer Mauszeiger. Malwarebytes hat im abgesicherten Modus nichts ergeben. Taskmanager lässt - Blackscreen nach Boot...
Archiv
Du betrachtest: Blackscreen nach Boot auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19