
Pests of all kinds and how to combat them: Windows XP with a white screen


 
11.07.2013, 10:29   #1
Hrwaldr
 

Windows XP with a white screen



Hello dear members,

I'm an absolute newbie here, so please excuse me if I've done something wrong.

Today I received a notebook from an employee which, after logging in to the PC, only shows a white screen. I have already read through the article (http://www.trojaner-board.de/137791-...indows-xp.html). But since my laptop is a new individual case, I have opened a new thread. I have already run the OTLPE tool and got the following; since I don't know exactly what I need to look for, I have turned to you :-)
I hope you can help me?


Code:
OTL logfile created on: 7/11/2013 11:22:44 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000100C | Country: Suisse | Language: FRS | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.78 Gb Total Space | 77.02 Gb Free Space | 51.77% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (swusageservice)
SRV - File not found [On_Demand] --  -- (Smcinst)
SRV - File not found [Disabled] --  -- (HidServ)
SRV - [2013/07/11 04:05:30 | 000,017,920 | ---- | M] () [Auto] -- C:\WINDOWS\system32\rpcnetp.exe -- (rpcnetp)
SRV - [2013/06/12 08:05:41 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/19 04:06:40 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto] -- C:\WINDOWS\system32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2012/04/18 20:59:48 | 001,671,424 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\Smc.exe -- (SmcService)
SRV - [2012/04/18 20:59:48 | 000,282,032 | ---- | M] (Symantec Corporation) [Disabled] -- C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\snac.exe -- (SNAC)
SRV - [2012/04/18 20:59:44 | 000,137,208 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe -- (SepMasterService)
SRV - [2012/04/13 04:52:36 | 000,010,752 | ---- | M] (Volvo AB) [On_Demand] -- C:\Program Files\CommunicationServer\CommunicationServer.exe -- (CommunicationServer.exe)
SRV - [2012/01/10 14:44:24 | 000,038,400 | ---- | M] (UpTime Solutions AB) [Auto] -- C:\Program Files\PROSIS\PROSIS Offline\UpTime Windows Service Offline.exe -- (UpTimeServiceOffline)
SRV - [2011/11/28 08:11:00 | 000,024,576 | ---- | M] (Volvo Information Technology AB) [On_Demand] -- C:\Program Files\Tech Tool\Tech Tool\Framework\VolvoIt.Waf.Core.Ui\ServiceHost\VolvoIt.Waf.Core.WcfStartupServices.exe -- (Tech Tool Service Host Service)
SRV - [2011/09/28 09:32:08 | 000,179,120 | -H-- | M] (Absolute Software Corp.) [Auto] -- C:\Documents and Settings\All Users\Application Data\Rpcnet\Bin\rpcld.exe -- (rpcld) Remote Procedure Call (RPC)
SRV - [2011/02/22 13:54:58 | 000,472,472 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\Backup Exec\DLO\DLOChangeLogSvcu.exe -- (DLOChangeJournalSvc)
SRV - [2010/11/23 03:20:26 | 000,024,576 | ---- | M] (Volvo Information Technology AB) [Auto] -- C:\Program Files\Network Update Agent\NetworkUpdateService.exe -- (NetworkUpdateAgentService)
SRV - [2010/05/07 00:13:22 | 000,218,616 | ---- | M] (FrontRange Solutions Deutschland GmbH) [Auto] -- C:\Program Files\NetInst\mgmtagnt.exe -- (esiCore)
SRV - [2010/05/07 00:13:22 | 000,218,616 | ---- | M] (FrontRange Solutions Deutschland GmbH) [Auto] -- C:\Program Files\NetInst\mgmtagnt.exe -- (ersupext)
SRV - [2009/12/10 13:40:08 | 000,128,296 | R--- | M] (Swisscom) [Auto] -- C:\Program Files\Swisscom\Unlimited Data Manager\DashBoardS.exe -- (UDM Service)
SRV - [2009/11/16 06:41:02 | 001,414,440 | ---- | M] (Swisscom) [Auto] -- C:\Program Files\Swisscom\Sesam\BIN\SecMIPService.exe -- (SesamService)
SRV - [2009/07/13 07:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/05/21 09:28:38 | 000,874,768 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009/05/21 08:54:58 | 000,348,160 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2009/05/21 08:23:04 | 000,909,312 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2009/05/21 08:04:14 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2009/01/16 08:12:22 | 000,074,392 | R--- | M] (MicroVision Development, Inc.) [On_Demand] -- C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2008/09/09 05:51:16 | 000,069,632 | ---- | M] (Smith Micro Software, Inc.) [Auto] -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe -- (SMManager)
SRV - [2008/09/04 08:58:42 | 000,406,808 | ---- | M] (Dell Inc.) [Auto] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/07/31 16:41:50 | 000,808,296 | ---- | M] (Broadcom Corporation) [Auto] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2008/07/31 16:41:50 | 000,021,352 | ---- | M] (Broadcom Corporation) [Auto] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/05/22 09:02:08 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto] -- C:\Program Files\IDT\DellXPM09B_6017v022\WDM\stacsv.exe -- (STacSV)
SRV - [2006/02/01 18:51:06 | 000,045,056 | ---- | M] () [On_Demand] -- C:\OracleXE\OracleXE\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe -- (OracleXEClrAgent)
SRV - [2006/02/01 18:49:14 | 000,204,800 | ---- | M] () [Auto] -- C:\OracleXE\OracleXE\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE -- (OracleXETNSListener)
SRV - [2006/02/01 18:47:28 | 000,057,616 | ---- | M] (Oracle Corporation) [On_Demand] -- C:\OracleXE\OracleXE\app\oracle\product\10.2.0\server\BIN\omtsreco.exe -- (OracleMTSRecoveryService)
SRV - [2006/02/01 18:44:06 | 000,102,400 | ---- | M] () [Disabled] -- C:\oraclexe\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe -- (OracleJobSchedulerXE)
SRV - [2006/02/01 18:43:44 | 059,064,320 | ---- | M] (Oracle Corporation) [Auto] -- C:\oraclexe\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE -- (OracleServiceXE)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 15:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (unkantdr)
DRV - File not found [Kernel | On_Demand] --  -- (PUMA)
DRV - File not found [Adapter | Unavailable] --  -- (PnSson)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (COH_Mon)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2013/06/13 05:26:07 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\BASHDefs\20130620.011\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/06/05 04:33:09 | 000,009,472 | ---- | M] (Volvo) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\unkant.sys -- (unkant)
DRV - [2013/05/22 04:31:30 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20130703.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/05/22 04:31:30 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20130703.002\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/24 10:21:42 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/01/24 10:20:37 | 000,092,080 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2013/01/15 11:37:54 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\IPSDefs\20130702.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/08/28 05:11:16 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/15 04:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/04/18 20:59:48 | 000,759,416 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\SEP\0C01044D\0191.105\x86\SymEFA.sys -- (SymEFA)
DRV - [2012/04/18 20:59:48 | 000,522,872 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\SEP\0C01044D\0191.105\x86\srtsp.sys -- (SRTSP)
DRV - [2012/04/18 20:59:48 | 000,370,552 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\SEP\0C01044D\0191.105\x86\symtdi.sys -- (SYMTDI)
DRV - [2012/04/18 20:59:48 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SEP\0C01044D\0191.105\x86\SymDS.sys -- (SymDS)
DRV - [2012/04/18 20:59:48 | 000,137,336 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\SEP\0C01044D\0191.105\x86\Ironx86.sys -- (SymIRON)
DRV - [2012/04/18 20:59:48 | 000,121,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\teefer.sys -- (Teefer2)
DRV - [2012/04/18 20:59:48 | 000,031,864 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\SEP\0C01044D\0191.105\x86\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2012/04/18 20:59:48 | 000,023,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\SyDvCtrl32.sys -- (SyDvCtrl)
DRV - [2010/09/28 02:44:31 | 000,863,616 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mosuport.sys -- (mosuport)
DRV - [2009/12/10 13:39:32 | 000,061,440 | R--- | M] (Swisscom) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\wtengine.sys -- (wtengine)
DRV - [2009/12/10 12:06:28 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/12/10 12:06:28 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009/12/10 12:06:28 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/20 10:32:06 | 000,286,760 | ---- | M] (Swisscom) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wtsmpflt.sys -- (WtSmpFlt)
DRV - [2009/07/20 10:32:06 | 000,039,720 | ---- | M] (Swisscom) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wtsmpadap.sys -- (wtsmpadap)
DRV - [2009/07/13 21:10:20 | 000,009,176 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\WNTHW.SYS -- (WNTHW)
DRV - [2009/07/13 10:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/05/28 17:23:24 | 004,203,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/09/10 13:32:54 | 000,049,008 | ---- | M] (Citrix Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\net6im51.sys -- (Net6IM)
DRV - [2008/08/13 12:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/07/31 16:39:26 | 000,032,808 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2008/07/30 08:14:18 | 000,110,080 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/07/24 10:12:48 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/05/22 09:02:50 | 001,381,914 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/05/20 07:51:26 | 000,108,160 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/04/04 07:40:50 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel(R)
DRV - [2008/03/13 09:51:52 | 000,057,536 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2008/03/13 09:50:02 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008/01/07 15:57:44 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2007/05/02 06:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 06:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 06:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007/04/19 05:11:18 | 000,009,888 | ---- | M] (Pico Technology) [Kernel | Auto] -- C:\WINDOWS\System32\Drivers\Pico.sys -- (Pico)
DRV - [2007/02/24 06:12:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/07/24 11:05:00 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/06/14 06:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\ASPNET_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\exadmin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\roy_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKU\roy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\roy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/defaultf.aspx?lang=fr-ch&ocid=iehp
IE - HKU\roy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ch
IE - HKU\roy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 82 8E 0E 70 DE 69 CA 01  [binary data]
IE - HKU\roy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\techtoolclient.PC420.000_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{E4D8AFFF-DA7C-412F-A976-05ED142C7806}: C:\Program Files\Swisscom\Unlimited Data Manager\FireFox_Remote\ [2012/10/05 07:15:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\IPSFFPlgn\ [2013/07/11 04:06:11 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2001/09/28 07:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Communication Unit Monitor] C:\Program Files\88890020 Adapter\Communication Unit Monitor.exe ()
O4 - HKLM..\Run: [Dashboard]  File not found
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [NetInstall NiTray] C:\Program Files\NetInst\eTray.exe (FrontRange Solutions Deutschland GmbH)
O4 - HKLM..\Run: [NiAgnt]  File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UDM] C:\Program Files\Swisscom\Unlimited Data Manager\LscaGui.exe (Swisscom)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2]  File not found
O4 - HKU\ASPNET_ON_C..\RunOnce: [_nltide_2]  File not found
O4 - HKU\exadmin_ON_C..\RunOnce: [_nltide_2]  File not found
O4 - HKU\LocalService_ON_C..\RunOnce: [_nltide_2]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [_nltide_2]  File not found
O4 - HKU\techtoolclient.PC420.000_ON_C..\RunOnce: [_nltide_2]  File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\CommunicationServerServiceStart.bat ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPMReplicate.lnk = C:\EPM\Service\EPMReplicate.exe (Langner GmbH)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Symantec Backup Exec Desktop Agent.lnk = C:\Program Files\Symantec\Backup Exec\DLO\DLOClientu.exe (Symantec Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TechToolServiceStart.bat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDisconnect = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\ASPNET_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\exadmin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\roy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\techtoolclient.PC420.000_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {00140000-B1BA-11CE-ABC6-F5B2E79D9E3F} hxxp://localhost/Prosis/imageviewer/wmfview.cab (LEAD Main Control (14.0))
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258704050322 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258715130046 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.26 192.168.0.28
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = robert-aebi.com
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\NetInst\NiAMH.dll) - C:\Program Files\NetInst\NiAMH.dll (FrontRange Solutions Deutschland GmbH)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\roy_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\roy_ON_C Winlogon: Shell - (C:\Documents and Settings\roy\Application Data\data.dat) - C:\Documents and Settings\roy\Application Data\data.dat ()
O20 - Winlogon\Notify\SEP: DllName - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\WinLogoutNotifier.dll -  File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/03 05:54:29 | 000,000,012 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\reatogoMenu.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/12 08:05:36 | 008,610,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/06/12 08:03:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/04/05 03:01:40 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.ADOX.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/11 04:10:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/11 04:07:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/11 04:05:30 | 000,017,920 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
[2013/07/11 03:47:29 | 000,618,586 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/07/11 03:47:28 | 000,546,442 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/11 03:47:28 | 000,120,394 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/07/11 03:47:28 | 000,104,184 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/11 03:43:20 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\rpcnet.dll
[2013/07/11 03:33:00 | 000,000,556 | ---- | M] () -- C:\WINDOWS\tasks\Send Concern Reports.job
[2013/07/11 03:31:51 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\roy\Application Data\settings.ini
[2013/07/11 03:29:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/11 02:48:00 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\Resume Transfer of Reports.job
[2013/07/11 02:43:10 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/11 02:43:00 | 000,000,548 | ---- | M] () -- C:\WINDOWS\tasks\Send LVD Reports.job
[2013/07/11 02:28:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\Send Application Reports.job
[2013/07/11 02:18:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/07/03 15:28:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\Send Improvement Reports.job
[2013/07/03 15:15:37 | 002,574,920 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-8533442-1461087815-1202159320-3953-0.dat
[2013/07/03 15:15:35 | 000,133,158 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/07/03 15:05:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/03 13:55:19 | 000,000,143 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\3002.xml
[2013/06/27 09:29:46 | 000,000,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\waflogin.cfg
[2013/06/27 09:28:07 | 000,000,554 | ---- | M] () -- C:\WINDOWS\tasks\Check Feedback Access Rights.job
[2013/06/27 09:28:00 | 000,000,560 | ---- | M] () -- C:\WINDOWS\tasks\Send Exception Reports.job
[2013/06/21 04:41:37 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2013/06/12 08:14:49 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\roy\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk
[2013/06/12 08:05:40 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/12 08:05:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/12 08:05:37 | 008,610,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/06/12 08:01:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/06/12 04:21:57 | 000,003,369 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\UpdateInfoViewedVersions.xml
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/03 15:10:48 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\roy\Application Data\settings.ini
[2013/06/05 04:33:45 | 000,000,046 | ---- | C] () -- C:\WINDOWS\RP121032.INI
[2013/04/15 09:01:16 | 000,004,614 | ---- | C] () -- C:\WINDOWS\v3puwa32.ini
[2013/04/15 09:01:16 | 000,001,185 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2013/02/04 03:15:00 | 000,002,731 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2012/11/05 05:41:22 | 002,201,931 | ---- | C] () -- C:\WINDOWS\System32\libfftw3-3.dll
[2012/08/24 07:15:06 | 000,000,143 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\3002.xml
[2012/06/14 07:26:30 | 000,018,208 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\3002.abs
[2012/05/02 06:17:52 | 000,133,158 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-18-0.dat
[2012/02/15 06:19:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/31 17:28:09 | 002,574,920 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-8533442-1461087815-1202159320-3953-0.dat
[2012/01/31 17:28:09 | 000,133,158 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/06 07:15:21 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/06/10 18:01:46 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\roy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/28 02:37:00 | 000,002,035 | ---- | C] () -- C:\WINDOWS\System32\3315433317-100.DLL
[2010/04/14 09:02:17 | 000,003,368 | RHS- | C] () -- C:\Documents and Settings\roy\ntuser.pol
[2010/02/22 14:26:26 | 000,863,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\mosuport.sys
[2010/02/22 14:26:26 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\MosUsbSerial.exe
[2010/02/22 14:26:26 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\MosUnst.exe
[2010/02/22 14:26:26 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\MosUSBParallel.exe
[2010/02/22 14:26:26 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\MosUSBSerPropPage.dll
[2010/02/22 14:26:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\MosUSBParPropPage.dll
[2010/02/22 14:26:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\dbgmsgcfg.dll
[2010/02/22 14:26:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\ppspCoInst.dll
[2010/01/21 15:07:57 | 010,485,098 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gui.bak
[2009/12/02 11:19:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/12/02 11:18:08 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/12/02 10:31:31 | 000,001,859 | ---- | C] () -- C:\Documents and Settings\roy\intlname.ols
[2009/11/30 11:21:51 | 000,009,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\WNTHW.SYS
[2009/11/30 10:44:47 | 000,003,369 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\UpdateInfoViewedVersions.xml
[2009/11/30 10:44:45 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\waflogin.cfg
[2009/11/30 08:25:00 | 000,872,448 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2009/11/30 08:25:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2009/11/24 04:34:15 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/23 10:18:51 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2009/11/23 10:18:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2009/11/23 08:59:07 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/20 11:09:43 | 000,157,008 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2009/11/20 11:09:28 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/11/20 04:53:58 | 002,026,604 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009/11/20 04:53:58 | 000,442,964 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2009/11/20 04:53:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4980.dll
[2009/11/20 04:08:10 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/11/20 04:06:56 | 000,140,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/20 04:06:48 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.exe
[2009/11/20 03:29:27 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
[2009/11/20 03:28:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/11/20 03:23:16 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/03/17 13:33:00 | 001,683,456 | ---- | C] () -- C:\WINDOWS\System32\LTCLR13n.dll
[2009/03/17 13:33:00 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7_TMP.dll
[2009/03/17 13:33:00 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2009/03/17 13:33:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2008/09/09 05:47:12 | 000,652,800 | ---- | C] () -- C:\WINDOWS\System32\SMgina.dll
[2008/04/13 13:50:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/13 13:33:54 | 000,625,152 | ---- | C] () -- C:\WINDOWS\System32\autochk.exe
[2008/04/13 13:33:04 | 000,106,496 | ---- | C] () -- C:\Documents and Settings\roy\Application Data\data.dat
[2008/03/18 04:32:52 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/09/24 06:38:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\regocx.exe
[2006/12/30 13:27:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/30 07:58:44 | 000,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 07:58:44 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2005/02/15 04:48:10 | 000,254,017 | ---- | C] () -- C:\WINDOWS\System32\abgsp.dll
[2003/04/01 05:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/01 11:52:10 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\sctapi.dll
[2001/09/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/09/28 07:00:00 | 000,618,586 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2001/09/28 07:00:00 | 000,546,442 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/09/28 07:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2001/09/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/09/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/09/28 07:00:00 | 000,120,394 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2001/09/28 07:00:00 | 000,104,184 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/09/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/09/28 07:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2001/09/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/09/28 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/09/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/10/08 05:18:26 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\VB32_c_fkt.dll
[1999/03/25 12:01:50 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\VB32CFKT.DLL
 
========== LOP Check ==========
 
[2013/04/26 03:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\Camoc
[2011/10/03 06:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\Framework_Uninstalled_DB_10-3-2011
[2010/09/28 02:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\Framework_Uninstalled_DB_9-28-2010
[2009/11/23 05:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\ICAClient
[2013/04/26 03:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\Nyroso
[2009/12/02 11:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\Samsung
[2011/06/10 02:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\roy\Application Data\Sierra Wireless
[2009/11/20 08:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2011/10/03 07:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DataReader
[2011/02/03 05:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\flashit
[2010/01/21 15:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Local
[2011/10/05 08:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LvdController
[2013/06/27 10:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Matris
[2013/01/24 10:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1992_12.com.symantec
[2012/07/05 07:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReportedVersions
[2012/03/15 05:14:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Rpcnet
[2013/07/11 02:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDM
[2012/10/05 07:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDM_17491
[2009/11/24 06:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2011/10/03 07:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Waf-Feedback
[2013/07/11 02:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WtDashboard
[2012/05/10 07:30:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{80CAA1E7-E0B0-4B49-8C1E-768F5776E466}
[2013/06/27 09:28:07 | 000,000,554 | ---- | M] () -- C:\WINDOWS\Tasks\Check Feedback Access Rights.job
[2013/07/11 02:48:00 | 000,000,532 | ---- | M] () -- C:\WINDOWS\Tasks\Resume Transfer of Reports.job
[2013/06/03 09:28:00 | 000,000,550 | ---- | M] () -- C:\WINDOWS\Tasks\Scavenge old Reports.job
[2013/07/11 02:28:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\Send Application Reports.job
[2013/07/11 03:33:00 | 000,000,556 | ---- | M] () -- C:\WINDOWS\Tasks\Send Concern Reports.job
[2013/06/27 09:28:00 | 000,000,560 | ---- | M] () -- C:\WINDOWS\Tasks\Send Exception Reports.job
[2013/07/03 15:28:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\Send Improvement Reports.job
[2013/07/11 02:43:00 | 000,000,548 | ---- | M] () -- C:\WINDOWS\Tasks\Send LVD Reports.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 23040 bytes -> C:\WINDOWS\System32\autochk.exe:BAK
< End of report >
         
Kind regards
Hrwaldr

 
