Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu

Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu


Plagegeister aller Art und deren Bekämpfung: Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 30.10.2013, 20:35   #1
gloanaflo
 
Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu - Standard

Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu


Hallo zusammen,

erstmal für die Arbeit die ihr hier leistet!

Nun zu meinem Problem:

Ein Freund von mir bekam heute nach dem Booten seines Laptops einen Screen angezeigt, dass er einen bestimmten Betrag per PaySafeCard an irgendeine Organisation zahlen sollte innerhalb von 48 Stunden. Nach mehrmaligem Neustart des Laptops zeigt dieser nur noch einen weißen Screen und den Mauszeiger an. Beim Drücken von STRG + ALT + ENTF erscheint zwar der Win-Sperrscreen aber die Auswahl eines Menüpunktes führt zu keiner Reaktion (bleibt nur noch Neustart oder Herunterfahren).
Ich hatte jetzt bereits versucht in den Abgesicherten Modus zu booten. Leider vergeblich denn von dort startet das Laptop sofort wieder neu.

Ich habe jetzt bereits den FRST-Scan laufen lassen mit dem unten angehängten Ergebnis.

Ich bedanke mich im Voraus für eure Hilfe
Mit besten Grüßen
Florian

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by SYSTEM on MININT-4MD51EQ on 30-10-2013 21:23:32
Running from F:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7935520 2010-09-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2010-09-17] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MGSysCtrl] - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2244608 2009-11-06] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35760 2010-06-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2403144 2013-10-29] ()
HKU\Breitenfellner\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG)
HKU\Breitenfellner\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\Breitenfellner\...\Winlogon: [Shell] explorer.exe,C:\Users\Breitenfellner\AppData\Roaming\Other.res [163328 2010-03-24] () <==== ATTENTION 

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG)
S2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1733448 2002-02-13] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2002-02-13] (AVG Technologies)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-30 23:39 - 2013-10-30 23:39 - 00126778 _____ C:\OTL.Txt
2013-10-30 23:39 - 2013-10-30 23:39 - 00019874 _____ C:\Extras.Txt
2013-10-30 21:23 - 2013-10-30 21:23 - 00000000 ____D C:\FRST
2013-10-30 09:27 - 2013-10-30 09:27 - 00000000 ____D C:\Windows\Sun
2013-10-30 09:07 - 2013-10-30 11:18 - 00005306 _____ C:\Windows\IE9_main.log
2013-10-30 08:35 - 2012-12-16 17:52 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-10-30 08:35 - 2012-12-16 15:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-10-30 08:35 - 2012-12-16 15:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-30 08:35 - 2012-12-16 15:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-30 08:08 - 2013-10-30 08:10 - 00000000 ____D C:\Windows\System32\MRT
2013-10-30 08:03 - 2012-03-01 07:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-10-30 08:03 - 2012-03-01 07:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-10-30 08:03 - 2012-03-01 07:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-10-30 08:03 - 2012-03-01 06:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-10-30 08:03 - 2012-03-01 06:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-10-29 14:23 - 2013-10-29 14:23 - 00000000 ____D C:\Windows\SysWOW64\cache
2013-10-29 14:23 - 2013-10-29 14:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-10-29 14:23 - 2013-10-29 14:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-10-29 11:00 - 2013-10-29 11:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-29 10:24 - 2012-11-09 06:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-10-29 10:24 - 2012-11-09 05:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-10-29 10:24 - 2012-03-03 07:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-10-29 10:24 - 2012-03-03 07:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-10-29 10:24 - 2012-03-03 07:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-10-29 10:24 - 2012-03-03 07:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-10-29 10:24 - 2012-03-03 07:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-10-29 10:24 - 2012-03-03 06:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-10-29 10:24 - 2012-03-03 06:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-29 10:24 - 2012-03-03 06:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-10-29 10:24 - 2012-03-03 06:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-10-29 10:24 - 2012-03-03 06:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-10-29 10:24 - 2011-06-15 10:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2013-10-29 10:24 - 2011-06-15 10:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2013-10-29 10:24 - 2011-06-15 10:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2013-10-29 10:24 - 2011-06-15 10:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2013-10-29 10:24 - 2011-06-15 10:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-10-29 10:24 - 2011-06-15 10:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-10-29 10:24 - 2011-06-15 10:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-10-29 10:24 - 2011-06-15 10:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-10-29 10:24 - 2011-06-15 10:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-10-29 10:24 - 2011-04-27 03:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2013-10-29 10:23 - 2013-02-12 16:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-10-29 10:23 - 2013-02-12 16:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-10-29 10:23 - 2013-02-12 16:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-10-29 10:23 - 2013-02-12 16:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-10-29 10:23 - 2013-02-12 16:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-10-29 10:23 - 2013-02-12 14:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-10-29 10:23 - 2012-11-09 06:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-10-29 10:23 - 2012-11-09 05:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-10-29 10:23 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-10-29 10:23 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-10-29 10:22 - 2013-03-01 04:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-10-29 10:22 - 2011-11-17 08:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-10-29 10:22 - 2011-11-17 06:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-10-29 10:22 - 2011-10-26 06:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-10-29 10:22 - 2011-10-26 06:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-10-29 10:22 - 2011-10-26 05:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-10-29 10:22 - 2011-10-26 05:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-10-29 10:22 - 2011-07-09 03:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2013-10-29 10:22 - 2011-05-04 03:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-10-29 10:22 - 2011-05-04 03:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-10-29 10:22 - 2010-12-23 07:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\System32\sbe.dll
2013-10-29 10:22 - 2010-12-23 07:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2013-10-29 10:22 - 2010-12-23 07:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2013-10-29 10:22 - 2010-12-23 06:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-10-29 10:22 - 2010-12-23 06:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-10-29 10:22 - 2010-12-23 06:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-10-29 10:21 - 2013-04-12 15:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-10-29 10:21 - 2013-02-12 15:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-10-29 10:21 - 2012-11-02 06:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-10-29 10:21 - 2012-11-02 06:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-10-29 10:21 - 2012-11-02 06:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-10-29 10:21 - 2012-11-02 05:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-10-29 10:21 - 2012-11-02 05:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-10-29 10:21 - 2012-11-02 05:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-10-29 10:21 - 2012-06-09 06:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-10-29 10:21 - 2012-06-09 05:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-29 10:21 - 2012-06-02 06:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-10-29 10:21 - 2012-06-02 06:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-10-29 10:21 - 2012-06-02 06:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-10-29 10:21 - 2012-06-02 06:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-10-29 10:21 - 2012-06-02 05:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-10-29 10:21 - 2012-06-02 05:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-10-29 10:21 - 2012-06-02 05:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-10-29 10:21 - 2012-04-26 06:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2013-10-29 10:21 - 2012-04-26 06:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-10-29 10:21 - 2012-04-26 06:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2013-10-29 10:21 - 2011-11-17 08:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-10-29 10:21 - 2011-11-17 08:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-10-29 10:21 - 2011-11-17 08:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-10-29 10:21 - 2011-11-17 08:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-10-29 10:21 - 2011-11-17 08:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-10-29 10:21 - 2011-03-11 07:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2013-10-29 10:21 - 2011-03-11 07:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2013-10-29 10:21 - 2011-03-11 06:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-10-29 10:21 - 2011-03-11 06:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-10-29 10:21 - 2011-03-03 07:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-10-29 10:21 - 2011-03-03 07:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-10-29 10:21 - 2011-03-03 07:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2013-10-29 10:21 - 2011-03-03 06:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-10-29 10:21 - 2011-03-03 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-10-29 10:19 - 2013-01-04 06:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-10-29 10:19 - 2013-01-04 06:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-10-29 10:19 - 2013-01-04 06:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-10-29 10:19 - 2013-01-04 06:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-10-29 10:19 - 2013-01-04 06:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-10-29 10:19 - 2013-01-04 06:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-10-29 10:19 - 2013-01-04 06:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-10-29 10:19 - 2013-01-04 06:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-10-29 10:19 - 2013-01-04 06:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-10-29 10:19 - 2013-01-04 05:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-10-29 10:19 - 2013-01-04 05:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 04:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-10-29 10:19 - 2013-01-04 03:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-29 10:19 - 2013-01-04 03:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-29 10:19 - 2013-01-04 03:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-29 10:19 - 2013-01-04 03:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-29 10:19 - 2013-01-04 03:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 03:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 03:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-29 10:19 - 2013-01-04 03:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-29 10:19 - 2012-11-20 06:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-10-29 10:19 - 2012-11-20 06:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-10-29 10:19 - 2012-09-06 18:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-10-29 10:19 - 2012-08-24 19:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-10-29 10:19 - 2012-08-24 18:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-10-29 10:19 - 2012-04-28 04:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-10-29 10:19 - 2011-08-17 06:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-10-29 10:19 - 2011-08-17 06:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2013-10-29 10:19 - 2011-08-17 06:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-10-29 10:19 - 2011-08-17 06:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2013-10-29 10:19 - 2011-08-17 06:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2013-10-29 10:19 - 2011-08-17 05:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-10-29 10:19 - 2011-08-17 05:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2013-10-29 10:19 - 2011-08-17 05:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-10-29 10:19 - 2011-08-17 05:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2013-10-29 10:19 - 2011-08-17 05:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2013-10-29 10:19 - 2011-04-29 04:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-10-29 10:19 - 2011-04-29 04:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-10-29 10:19 - 2011-04-29 04:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-10-29 10:18 - 2013-03-02 06:49 - 01499648 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-10-29 10:18 - 2013-03-02 06:49 - 01198080 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-10-29 10:18 - 2013-03-02 06:49 - 00134144 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-10-29 10:18 - 2013-03-02 06:44 - 01026560 _____ (Microsoft Corporation) C:\Windows\System32\mstime.dll
2013-10-29 10:18 - 2013-03-02 06:43 - 09377280 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-10-29 10:18 - 2013-03-02 06:43 - 00735744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-10-29 10:18 - 2013-03-02 06:43 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-10-29 10:18 - 2013-03-02 06:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-10-29 10:18 - 2013-03-02 06:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-10-29 10:18 - 2013-03-02 06:43 - 00057856 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-10-29 10:18 - 2013-03-02 06:42 - 12405760 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-10-29 10:18 - 2013-03-02 06:42 - 02463744 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-10-29 10:18 - 2013-03-02 06:42 - 00445952 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-10-29 10:18 - 2013-03-02 06:42 - 00256000 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-10-29 10:18 - 2013-03-02 06:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-10-29 10:18 - 2013-03-02 06:06 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-29 10:18 - 2013-03-02 06:05 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-29 10:18 - 2013-03-02 06:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-29 10:18 - 2013-03-02 06:02 - 06032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-29 10:18 - 2013-03-02 06:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-29 10:18 - 2013-03-02 06:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2013-10-29 10:18 - 2013-03-02 06:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-29 10:18 - 2013-03-02 06:02 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-10-29 10:18 - 2013-03-02 06:01 - 11019776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-29 10:18 - 2013-03-02 06:01 - 02077184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-29 10:18 - 2013-03-02 06:01 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-10-29 10:18 - 2013-03-02 06:01 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-10-29 10:18 - 2013-03-02 06:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-29 10:18 - 2013-03-02 06:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-29 10:18 - 2013-03-02 05:38 - 00482816 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-10-29 10:18 - 2013-03-02 05:03 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-10-29 10:18 - 2013-03-02 04:56 - 01638912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-10-29 10:18 - 2013-03-02 04:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-10-29 10:18 - 2013-03-02 04:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-10-29 10:18 - 2013-03-02 04:29 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-29 10:18 - 2013-03-02 04:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-10-29 10:18 - 2012-09-25 23:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-10-29 10:18 - 2012-09-25 22:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-10-29 10:18 - 2012-08-11 01:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-10-29 10:18 - 2012-08-11 00:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-10-29 10:18 - 2012-06-16 06:25 - 00850944 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-10-29 10:18 - 2012-06-16 06:25 - 00609792 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-10-29 10:18 - 2012-06-16 05:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-29 10:18 - 2012-06-16 05:36 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-29 10:18 - 2012-03-17 08:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-10-29 10:18 - 2011-12-28 04:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-10-29 10:18 - 2011-05-24 12:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-10-29 10:18 - 2011-05-24 11:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-10-29 10:18 - 2011-05-24 11:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-10-29 10:18 - 2011-05-24 11:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-10-29 10:18 - 2011-05-24 11:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-10-29 10:18 - 2011-02-05 13:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-10-29 10:18 - 2011-02-05 13:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-10-29 10:18 - 2011-02-05 13:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-10-29 10:18 - 2011-02-05 13:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-10-29 10:18 - 2011-02-05 13:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-10-29 10:18 - 2011-02-05 13:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-10-29 10:18 - 2011-02-05 13:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-10-29 10:18 - 2010-12-18 07:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-10-29 10:18 - 2010-12-18 06:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-10-29 10:17 - 2013-03-19 07:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-10-29 10:17 - 2013-03-19 06:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-10-29 10:17 - 2013-03-19 06:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-29 10:17 - 2013-03-19 06:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-29 10:17 - 2013-03-19 05:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-10-29 10:17 - 2013-03-19 04:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-10-29 10:17 - 2012-07-04 23:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-10-29 10:17 - 2012-07-04 23:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\browser.dll
2013-10-29 10:17 - 2012-07-04 23:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\System32\browcli.dll
2013-10-29 10:17 - 2012-07-04 22:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-10-29 10:17 - 2012-07-04 22:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-10-29 10:17 - 2012-05-14 06:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-10-29 10:17 - 2011-12-16 09:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-10-29 10:17 - 2011-12-16 08:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-10-29 10:17 - 2011-11-17 08:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-10-29 10:17 - 2011-11-17 06:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-29 10:17 - 2011-10-15 07:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-10-29 10:17 - 2011-10-15 06:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-10-29 10:17 - 2011-08-27 06:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-10-29 10:17 - 2011-08-27 06:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-10-29 10:17 - 2011-08-27 05:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-10-29 10:17 - 2011-08-27 05:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-10-29 10:17 - 2011-05-03 06:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-10-29 10:17 - 2011-05-03 05:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-10-29 10:17 - 2011-02-23 06:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-10-29 10:17 - 2011-02-12 07:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2013-10-29 10:17 - 2010-10-16 06:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2013-10-29 10:17 - 2010-10-16 05:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-10-29 09:59 - 2012-06-02 06:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-10-29 09:59 - 2012-06-02 06:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-10-29 09:59 - 2012-06-02 06:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-10-29 09:59 - 2012-06-02 05:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-10-29 09:59 - 2012-06-02 05:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-10-29 09:59 - 2012-06-02 05:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-10-29 09:59 - 2011-11-19 16:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-10-29 09:59 - 2011-11-19 15:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-10-29 09:56 - 2012-02-15 07:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-10-29 09:56 - 2012-02-15 06:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-10-29 09:56 - 2012-02-15 05:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys

==================== One Month Modified Files and Folders =======

2013-10-30 23:39 - 2013-10-30 23:39 - 00126778 _____ C:\OTL.Txt
2013-10-30 23:39 - 2013-10-30 23:39 - 00019874 _____ C:\Extras.Txt
2013-10-30 23:33 - 2010-09-17 15:39 - 00000000 ___RD C:\users\Breitenfellner
2013-10-30 21:23 - 2013-10-30 21:23 - 00000000 ____D C:\FRST
2013-10-30 21:19 - 2010-09-17 20:31 - 01856675 _____ C:\Windows\WindowsUpdate.log
2013-10-30 21:19 - 2009-07-14 05:51 - 00057724 _____ C:\Windows\setupact.log
2013-10-30 21:19 - 2009-07-14 05:45 - 00015504 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-30 21:19 - 2009-07-14 05:45 - 00015504 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-30 21:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-30 17:15 - 2002-02-13 18:39 - 00000000 ____D C:\ProgramData\MFAData
2013-10-30 15:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-10-30 11:22 - 2010-09-20 08:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-30 11:18 - 2013-10-30 09:07 - 00005306 _____ C:\Windows\IE9_main.log
2013-10-30 11:11 - 2009-07-14 03:34 - 00000513 _____ C:\Windows\win.ini
2013-10-30 10:27 - 2010-09-17 15:43 - 00112360 _____ C:\Users\Breitenfellner\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-30 10:18 - 2009-07-14 05:45 - 02346264 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-30 10:17 - 2011-01-22 13:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-30 10:10 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-30 10:09 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-30 09:48 - 2012-12-10 13:02 - 01590506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-30 09:48 - 2009-07-14 18:58 - 00696902 _____ C:\Windows\System32\perfh007.dat
2013-10-30 09:48 - 2009-07-14 18:58 - 00148166 _____ C:\Windows\System32\perfc007.dat
2013-10-30 09:47 - 2009-07-14 06:13 - 01590506 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-30 09:27 - 2013-10-30 09:27 - 00000000 ____D C:\Windows\Sun
2013-10-30 09:09 - 2012-03-08 18:11 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2013-10-30 08:16 - 2010-09-20 08:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-30 08:10 - 2013-10-30 08:08 - 00000000 ____D C:\Windows\System32\MRT
2013-10-29 15:30 - 2002-02-13 18:39 - 00000000 ____D C:\Users\Breitenfellner\AppData\Local\Avg2014
2013-10-29 14:23 - 2013-10-29 14:23 - 00000000 ____D C:\Windows\SysWOW64\cache
2013-10-29 14:23 - 2013-10-29 14:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-10-29 14:23 - 2013-10-29 14:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-10-29 14:23 - 2002-02-13 18:44 - 00000000 ____D C:\Program Files (x86)\AVG Nation toolbar
2013-10-29 11:00 - 2013-10-29 11:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-29 09:48 - 2002-02-13 18:44 - 00000000 ____D C:\ProgramData\AVG Nation toolbar

Some content of TEMP:
====================
C:\Users\Breitenfellner\AppData\Local\Temp\oi_{BCD93568-206C-48C2-97F0-C4CB16153587}.exe
C:\Users\Breitenfellner\AppData\Local\Temp\ose00000.exe
C:\Users\Breitenfellner\AppData\Local\Temp\p1OCxzD.exe
C:\Users\Breitenfellner\AppData\Local\Temp\p1OCxzD0.exe
C:\Users\Breitenfellner\AppData\Local\Temp\uninst1.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

11
Restore point made on: 2002-02-13 17:35:44
Restore point made on: 2002-02-13 18:41:30
Restore point made on: 2002-02-13 18:41:58
Restore point made on: 2012-12-10 12:45:46
Restore point made on: 2012-12-10 12:46:22
Restore point made on: 2012-12-22 12:18:55
Restore point made on: 2013-02-03 09:41:12
Restore point made on: 2013-10-29 10:03:50
Restore point made on: 2013-10-29 10:59:55
Restore point made on: 2013-10-30 07:51:48
Restore point made on: 2013-10-30 11:08:24

==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 3839.3 MB
Available physical RAM: 3217.06 MB
Total Pagefile: 3837.45 MB
Available Pagefile: 3200.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:211.06 GB) NTFS
Drive f: () (Removable) (Total:7.44 GB) (Free:7.44 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 12C2E065)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7 GB) (Disk ID: CDFFF7E3)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)


LastRegBack: 2013-02-03 09:34

==================== End Of Log ============================

 

Themen zu Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu
adobe, association, avg, booten, explorer, explorer.exe, farbar, farbar recovery scan tool, herunterfahren, home, micro, microsoft, neu, neustart, nmbgmonitor.exe, problem, realtek, registry, secure, secure search, services.exe, software, svchost.exe, system, temp, usb, vtoolbarupdater, windows, winlogon, winlogon.exe


« ZerOAccess im Papierkorb | eGdpSvc.exe und BKA trojaner »


Ähnliche Themen: Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu


  1. Windows 7 Home Premium startet sehr langsam, problem mit Netzwerkadapter?
    Alles rund um Windows - 18.06.2015 (1)
  2. weißer Bildschirm unter Windows 7 Home Premium
    Log-Analyse und Auswertung - 15.11.2013 (7)
  3. windows 7 home premium sp1 startet immer um 0 uhr +/- 10 minuten ohne grund
    Alles rund um Windows - 06.11.2013 (4)
  4. Windows 7 Home Premium startet extrem langsam
    Alles rund um Windows - 05.11.2013 (17)
  5. Windows 7: BKA? Grauer Screen beim Start, abgesicherter Modus nicht möglich.
    Log-Analyse und Auswertung - 01.11.2013 (9)
  6. Weißer Bildschirm nach Windows-Start (Windows 7 Premium Home)
    Plagegeister aller Art und deren Bekämpfung - 28.08.2013 (13)
  7. Windows 7: weißer Bildschirm nach Systemstart (auch im abgesicherter Modus)
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (7)
  8. XP- Home GVU-Trojaner, abgesicherter Modus startet in jeder Variante den rechner sofort neu
    Plagegeister aller Art und deren Bekämpfung - 07.06.2013 (22)
  9. weißer Bildschirm bei Windowsstart; abgesicherter Modus mit Eingabefunktion funktioniert nur noch
    Plagegeister aller Art und deren Bekämpfung - 03.06.2013 (21)
  10. WinXP - weißer Startscreen (Maus da) - abgesicherter Modus nicht möglich, startet neu - OTLpe Scan ok, was nun
    Log-Analyse und Auswertung - 29.05.2013 (13)
  11. WinXP - weißer Startscreen (Maus da) - abgesicherter Modus nicht möglich, startet neu - Fix.txt erstellen
    Log-Analyse und Auswertung - 29.05.2013 (9)
  12. Weißer-Bildschirm mit Zahlungsaufforderung, Abgesicherter Modus fährt sofort runter
    Plagegeister aller Art und deren Bekämpfung - 16.05.2013 (20)
  13. Windows Vista: Weißer Bildschirm nach Start (ohne Text)! - abgesicherter Modus geht.
    Log-Analyse und Auswertung - 11.05.2013 (22)
  14. 2x Windows Vista: Weißer Bildschirm nach Start (ohne Text, abgesicherter Modus geht)!
    Mülltonne - 04.05.2013 (1)
  15. Weißer Bildschirm Virus, abgesicherter modus startet und fährt sofort runter
    Plagegeister aller Art und deren Bekämpfung - 01.05.2013 (11)
  16. Polizei Trojaner weder abgesicherter Modus noch Boot von USB/CD
    Plagegeister aller Art und deren Bekämpfung - 18.12.2012 (26)
  17. Bundespolizei Windows XP Home (abgesicherter Modus nicht möglich)
    Log-Analyse und Auswertung - 21.03.2012 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu - Hallo zusammen, erstmal für die Arbeit die ihr hier leistet! Nun zu meinem Problem: Ein Freund von mir bekam heute nach dem Booten seines Laptops einen Screen angezeigt, dass er - Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu...
Archiv
Du betrachtest: Windows 7 Home Premium nach Boot nur noch weißer Screen & Abgesicherter Modus startet sofort neu auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131