
Log analysis and evaluation: White screen, Windows no longer starts

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

05.07.2013, 05:46   #1
Bullet207

Hello dear helpers,
Despite up-to-date antivirus software, it seems I have been hit. The PC no longer starts and the screen stays white; likewise, in safe mode the system immediately shuts itself down again. Only safe mode with command prompt still works. I have already looked through the forum, and many people have this problem. Following what I read there, I have already run FRST64. The log file is further below. The operating system is Windows 7. In the meantime I have also downloaded Windows Unlocker from Kaspersky; does it make sense to use that to at least get access to the desktop again for now?

What do I have to do to get my system clean again? Please give detailed help, I am not that proficient with system matters.
Thanks in advance for your help

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by SYSTEM on 04-07-2013 21:04:11
Running from K:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLD_FrameworkRun] c:\Windows\System32\oem\RunCMD_X64.exe c:\Windows\System32\oem\OKTOLaunch_PLD_Framework.cmd [133 2009-08-26] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1124424 2009-09-24] (G DATA Software AG)
HKLM-x32\...\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [924232 2009-09-18] (G Data Software AG)
HKLM-x32\...\Run: [SBMBActivation] "C:\Program Files (x86)\Creative\ALchemy SB MB\CTActMgr.exe" /activate [1402392 2008-03-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-03-21] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKU\Alex\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-07] (Google Inc.)
HKU\Alex\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2011-01-05] (ICQ, LLC.)
HKU\Alex\...\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized [x]
HKU\Alex\...\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKU\Alex\...\Winlogon: [Shell] explorer.exe,C:\Users\Alex\AppData\Roaming\skype.dat [69632 2011-11-16] () <==== ATTENTION 
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-21] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-21] ()

==================== Services (Whitelisted) =================

S2 AVKProxy; C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [1128008 2009-12-07] (G Data Software AG)
S2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [397896 2009-08-08] (G Data Software AG)
S2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [1731504 2009-11-24] (G Data Software AG)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
S3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [1664560 2009-11-24] (G Data Software AG)
S3 GDScan; C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe [302152 2009-11-26] (G Data Software AG)
S2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-11-26] ()
S3 Sound Blaster MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\SBMBLicensing.exe [79360 2009-09-23] (Creative Labs)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-03] (Acer)

==================== Drivers (Whitelisted) ====================

S0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [34760 2010-08-10] (G Data Software AG)
S3 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [74184 2010-08-10] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [57288 2010-08-10] (G DATA Software AG)
S1 gdwfpcd; C:\Windows\System32\DRIVERS\gdwfpcd64.sys [48584 2010-08-10] (G DATA Software AG)
S1 GRD; C:\Windows\system32\drivers\GRD.sys [106224 2009-09-23] (G Data Software)
S1 GRD; C:\Windows\system32\drivers\GRD.sys [106224 2009-09-23] (G Data Software)
S3 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [42952 2009-09-07] (G Data Software AG)
S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [34472 2009-06-23] (Intel Corporation )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-04 21:04 - 2013-07-04 21:04 - 00000000 ____D C:\FRST
2013-07-04 05:06 - 2013-07-04 11:00 - 00000004 ____A C:\Users\Alex\AppData\Roaming\skype.ini
2013-06-15 08:27 - 2013-05-16 17:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 08:27 - 2013-05-16 17:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-15 08:27 - 2013-05-16 16:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 08:27 - 2013-05-16 16:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-15 08:27 - 2013-05-16 16:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 08:27 - 2013-05-16 16:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 08:27 - 2013-05-16 16:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 08:27 - 2013-05-16 16:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-15 08:27 - 2013-05-16 16:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-15 08:27 - 2013-05-16 16:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 08:27 - 2013-05-16 16:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-15 08:27 - 2013-05-14 04:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-15 08:27 - 2013-05-14 00:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-15 08:26 - 2013-06-08 06:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 08:26 - 2013-06-08 06:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 08:26 - 2013-06-08 06:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 08:26 - 2013-06-08 06:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 08:26 - 2013-06-08 06:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 08:26 - 2013-06-08 04:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 08:26 - 2013-06-08 03:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 08:26 - 2013-06-08 03:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 08:26 - 2013-06-08 03:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 08:26 - 2013-06-08 03:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 08:26 - 2013-06-08 03:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 08:26 - 2013-06-08 03:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 03:43 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 03:39 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 03:39 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 03:38 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 03:38 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 03:38 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-15 03:38 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-15 03:37 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 03:37 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 03:37 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 03:37 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 03:37 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 03:37 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 03:37 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 03:37 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 03:37 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 03:37 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 03:36 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-15 03:36 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-08 21:59 - 2013-06-08 21:59 - 00001014 ____A C:\Users\Alex\Desktop\Emergency 2012.lnk
2013-06-08 21:58 - 2013-06-08 21:58 - 00000000 ____D C:\Users\Alex\AppData\Local\Quadriga Games

==================== One Month Modified Files and Folders =======

2013-07-04 21:04 - 2013-07-04 21:04 - 00000000 ____D C:\FRST
2013-07-04 20:55 - 2010-08-10 05:52 - 00000000 __SHD C:\Recovery
2013-07-04 11:00 - 2013-07-04 05:06 - 00000004 ____A C:\Users\Alex\AppData\Roaming\skype.ini
2013-07-04 11:00 - 2010-08-10 08:26 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-04 11:00 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 10:59 - 2009-09-23 15:27 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-04 10:59 - 2009-07-13 20:51 - 00117925 ____A C:\Windows\setupact.log
2013-07-04 05:56 - 2009-09-24 01:13 - 00654150 ____A C:\Windows\System32\perfh007.dat
2013-07-04 05:56 - 2009-09-24 01:13 - 00130022 ____A C:\Windows\System32\perfc007.dat
2013-07-04 05:56 - 2009-07-13 21:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-04 05:53 - 2009-09-23 15:21 - 01984940 ____A C:\Windows\WindowsUpdate.log
2013-07-04 04:24 - 2010-08-10 08:26 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-04 04:17 - 2012-04-07 03:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-03 23:17 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-03 23:14 - 2010-09-03 22:21 - 00000000 ____D C:\Users\Alex\AppData\Roaming\ICQ
2013-07-03 23:10 - 2009-07-13 20:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 23:10 - 2009-07-13 20:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 06:08 - 2010-11-05 07:05 - 00000205 ____A C:\Users\Alex\Desktop\Handy IMEI.txt
2013-07-01 22:14 - 2010-08-10 06:04 - 00000000 ____D C:\Users\Alex\AppData\Local\Google
2013-07-01 00:20 - 2011-06-07 06:20 - 00000040 ____A C:\ProgramData\ra3.ini
2013-06-29 04:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 08:30 - 2009-09-07 16:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-15 08:28 - 2010-08-10 19:09 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-15 05:17 - 2012-04-07 03:32 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-15 05:17 - 2011-05-13 21:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-08 21:59 - 2013-06-08 21:59 - 00001014 ____A C:\Users\Alex\Desktop\Emergency 2012.lnk
2013-06-08 21:58 - 2013-06-08 21:58 - 00000000 ____D C:\Users\Alex\AppData\Local\Quadriga Games
2013-06-08 21:43 - 2009-09-23 15:37 - 00331060 ____A C:\Windows\DirectX.log
2013-06-08 21:25 - 2010-08-10 08:22 - 00000000 ____D C:\Games
2013-06-08 06:08 - 2013-06-15 08:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 06:07 - 2013-06-15 08:26 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 06:06 - 2013-06-15 08:26 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 06:06 - 2013-06-15 08:26 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 06:06 - 2013-06-15 08:26 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 04:28 - 2013-06-15 08:26 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 03:42 - 2013-06-15 08:26 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 03:40 - 2013-06-15 08:26 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 03:40 - 2013-06-15 08:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 03:40 - 2013-06-15 08:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 03:40 - 2013-06-15 08:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 03:13 - 2013-06-15 08:26 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

Files to move or delete:
====================
C:\Users\Alex\AppData\Roaming\skype.dat
C:\Users\Alex\AppData\Roaming\skype.ini
C:\ProgramData\FullRemove.exe

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 11%
Total physical RAM: 6135.08 MB
Available physical RAM: 5402.58 MB
Total Pagefile: 6133.23 MB
Available Pagefile: 5406.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:911.41 GB) (Free:669.02 GB) NTFS (Disk=0 Partition=3)
Drive e: (PQSERVICE) (Fixed) (Total:20 GB) (Free:8 GB) NTFS (Disk=0 Partition=1)
Drive k: () (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32 (Disk=5 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D82CFC90)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 4 GB) (Disk ID: 59830965)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)


LastRegBack: 2013-07-03 01:21

==================== End Of Log ============================
         
--- --- ---

Edited by Bullet207 (05.07.2013 at 05:58)

05.07.2013, 06:56   #2
schrauber
/// the machine
/// TB instructor

Hi,
Please press the Windows key + R and type notepad in the Run window.

Now copy the following text from the code box into the empty text document:
Code:
HKU\Alex\...\Winlogon: [Shell] explorer.exe,C:\Users\Alex\AppData\Roaming\skype.dat [69632 2011-11-16] () <==== ATTENTION 
C:\Users\Alex\AppData\Roaming\skype.dat
C:\Users\Alex\AppData\Roaming\skype.ini
C:\ProgramData\FullRemove.exe
         
Please save this as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options again.
  • Now start FRST.exe again and click the Fix button.
The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
__________________

__________________
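
The entry at the top of the fixlist above is a per-user Winlogon Shell value that launches a second file after explorer.exe. As an added example (not part of the original thread and not FRST's own code), this Python sketch scans FRST-style registry lines for Winlogon Shell and Userinit values that carry anything beyond the Windows default. The line layout is inferred from the log in this thread, the function and class names are hypothetical, and the sample lines are copied from the log plus one constructed clean line.

```python
import re
from dataclasses import dataclass

# Line layout inferred from the FRST log quoted in this thread (an assumption,
# not a published FRST specification):
#   <hive>\...\Winlogon: [<value>] <data> [<size> <date>] (<company>) <flag>
WINLOGON_RE = re.compile(
    r"^(?P<hive>HK[^\\]*(?:\\[^\\]+)?)\\\.\.\.\\Winlogon: "
    r"\[(?P<name>Shell|Userinit)\] (?P<data>.*)$",
    re.IGNORECASE,
)
# Trailing metadata such as "[69632 2011-11-16] () <==== ATTENTION" or "[x]".
TRAILER_RE = re.compile(r"\s+(?:\[(?:\d+ \d{4}-\d{2}-\d{2}|x)\]|<=+ ATTENTION).*$")

# Values Windows ships with; anything else in the comma-separated list is extra.
DEFAULTS = {
    "shell": {"explorer.exe", r"c:\windows\explorer.exe"},
    "userinit": {"userinit.exe", r"c:\windows\system32\userinit.exe"},
}
# Locations a standard user can write to without elevation.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\programdata\\", "\\temp\\")


@dataclass
class Finding:
    hive: str       # e.g. HKLM or HKU\<user>
    value: str      # Shell or Userinit
    extra: str      # the additional program that runs at logon
    severity: str   # "high" or "review"


def extra_winlogon_entries(log_text):
    """Return one Finding per non-default program in a Winlogon value.

    "high"   = extra entry lives in a user-writable path or is not an .exe
    "review" = extra entry in a protected path (security suites add these)
    Limitation: paths that themselves contain commas are not handled.
    """
    findings = []
    for raw in log_text.splitlines():
        m = WINLOGON_RE.match(raw.strip())
        if not m:
            continue  # Run keys, services, drivers etc. are out of scope here
        name = m.group("name").lower()
        data = TRAILER_RE.sub("", m.group("data")).strip()
        for entry in data.split(","):
            entry = entry.strip().strip('"')
            lowered = entry.lower()
            if not entry or lowered in DEFAULTS[name]:
                continue
            risky = (any(p in lowered for p in USER_WRITABLE)
                     or not lowered.endswith(".exe"))
            findings.append(Finding(m.group("hive"), m.group("name"), entry,
                                    "high" if risky else "review"))
    return findings


# First three lines are copied from the FRST log in this thread; the last
# line is constructed to show a clean value.
SAMPLE = r"""
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\Alex\...\Winlogon: [Shell] explorer.exe,C:\Users\Alex\AppData\Roaming\skype.dat [69632 2011-11-16] () <==== ATTENTION
HKLM\...\Winlogon: [Shell] explorer.exe
"""

if __name__ == "__main__":
    for f in extra_winlogon_entries(SAMPLE):
        print(f"{f.severity:6} {f.hive} {f.value}: {f.extra}")
```

The Userinit addition from the installed security suite is reported only as "review", while the non-executable file under the user profile is reported as "high", which matches the single entry FRST marked in the log.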

05.07.2013, 08:02   #3
Bullet207

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by SYSTEM at 2013-07-05 09:00:22 Run:1
Running from K:\
Boot Mode: Recovery
==============================================

HKU\Alex\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
C:\Users\Alex\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Alex\AppData\Roaming\skype.ini => Moved successfully.
C:\ProgramData\FullRemove.exe => Moved successfully.

==== End of Fixlog ====
         
__________________

05.07.2013, 09:35   #4
schrauber
/// the machine
/// TB instructor

Reboot, enjoy
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

05.07.2013, 11:47   #5
Bullet207

Great, thanks, it works again. Is there any way to check whether there are still any malicious remnants on it, or can I assume that the system is safe again?


05.07.2013, 17:07   #6
schrauber
/// the machine
/// TB instructor

We'll do that now; everything in normal Windows, please.

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click "Optionen" (options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click "Suchlauf" (scan) and wait until it has finished.
  • Now click "Löschen" (delete) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box).
__________________

05.07.2013, 17:47   #7
Bullet207

Adw Cleaner:
Code:
# AdwCleaner v2.304 - Datei am 05/07/2013 um 18:24:59 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Alex - ALEX-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Alex\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Temp\boost_interprocess

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v9.0.1 (de)

Datei : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fl33aulf.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [934 octets] - [05/07/2013 18:24:59]

########## EOF - C:\AdwCleaner[S1].txt - [993 octets] ##########
         

JRT file:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Alex on 05.07.2013 at 18:29:37,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Alex\appdata\local\{1F0EF2CD-F01B-4BE7-B209-6BD51058261C}



~~~ FireFox

Emptied folder: C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\fl33aulf.default\minidumps [34 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.07.2013 at 18:32:12,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Alex (administrator) on 05-07-2013 18:33:27
Running from C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\System32\OEM\RunCmd_X64.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
() c:\windows\system32\oem\setEvent.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\consent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLD_FrameworkRun] c:\Windows\System32\oem\RunCMD_X64.exe c:\Windows\System32\oem\OKTOLaunch_PLD_Framework.cmd [133 2009-08-26] ()
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-08] (Google Inc.)
HKCU\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2011-01-05] (ICQ, LLC.)
HKCU\...\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [SBMBActivation] "C:\Program Files (x86)\Creative\ALchemy SB MB\CTActMgr.exe" /activate [1402392 2008-03-10] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-03-21] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-22] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_i9098_ge&r=173608105409p0324v175y47610201
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fl33aulf.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

==================== Services (Whitelisted) =================

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-11-26] ()
S3 Sound Blaster MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\SBMBLicensing.exe [79360 2009-09-24] (Creative Labs)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [34472 2009-06-24] (Intel Corporation )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-05 18:32 - 2013-07-05 18:32 - 00001726 ____A C:\Users\Alex\Desktop\JRT.txt
2013-07-05 18:29 - 2013-07-05 18:29 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 18:27 - 2013-07-05 18:27 - 00001061 ____A C:\Users\Alex\Desktop\AdwCleaner[S1].txt
2013-07-05 18:26 - 2013-07-05 18:26 - 00000056 ____A C:\Windows\setupact.log
2013-07-05 18:26 - 2013-07-05 18:26 - 00000000 ____A C:\Windows\setuperr.log
2013-07-05 18:24 - 2013-07-05 18:25 - 00001061 ____A C:\AdwCleaner[S1].txt
2013-07-05 18:24 - 2013-07-05 18:24 - 01934636 ____A (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-07-05 18:23 - 2013-07-05 18:29 - 00000000 ____D C:\JRT
2013-07-05 18:23 - 2013-07-05 18:23 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Alex\Desktop\JRT.exe
2013-07-05 18:22 - 2013-07-05 18:22 - 00650027 ____A C:\Users\Alex\Desktop\adwcleaner.exe
2013-07-05 13:49 - 2013-07-05 13:49 - 00217056 ____A C:\Users\Alex\Documents\cc_20130705_134928.reg
2013-07-05 13:49 - 2013-07-05 13:49 - 00009506 ____A C:\Users\Alex\Documents\cc_20130705_134953.reg
2013-07-05 12:58 - 2013-07-05 13:02 - 00000834 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-07-05 12:58 - 2013-07-05 13:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-05 07:04 - 2013-07-05 07:04 - 00000000 ____D C:\FRST
2013-06-15 18:27 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-15 18:27 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 18:27 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-15 18:27 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-15 18:27 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-15 18:27 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-15 18:26 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 18:26 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 18:26 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 18:26 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 18:26 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 18:26 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 18:26 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 18:26 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 13:43 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 13:39 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 13:39 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 13:38 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 13:38 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 13:38 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-15 13:38 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-15 13:37 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 13:37 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 13:37 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 13:37 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 13:37 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 13:37 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 13:37 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 13:37 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 13:37 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 13:37 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 13:36 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-15 13:36 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 07:59 - 2013-06-09 07:59 - 00001014 ____A C:\Users\Alex\Desktop\Emergency 2012.lnk
2013-06-09 07:58 - 2013-06-09 07:58 - 00000000 ____D C:\Users\Alex\AppData\Local\Quadriga Games


==================== One Month Modified Files and Folders =======

2013-07-05 18:32 - 2013-07-05 18:32 - 00001726 ____A C:\Users\Alex\Desktop\JRT.txt
2013-07-05 18:32 - 2009-09-24 11:13 - 00654150 ____A C:\Windows\System32\perfh007.dat
2013-07-05 18:32 - 2009-09-24 11:13 - 00130022 ____A C:\Windows\System32\perfc007.dat
2013-07-05 18:32 - 2009-07-14 07:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 18:29 - 2013-07-05 18:29 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 18:29 - 2013-07-05 18:23 - 00000000 ____D C:\JRT
2013-07-05 18:27 - 2013-07-05 18:27 - 00001061 ____A C:\Users\Alex\Desktop\AdwCleaner[S1].txt
2013-07-05 18:26 - 2013-07-05 18:26 - 00000056 ____A C:\Windows\setupact.log
2013-07-05 18:26 - 2013-07-05 18:26 - 00000000 ____A C:\Windows\setuperr.log
2013-07-05 18:26 - 2010-08-10 18:26 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-05 18:26 - 2009-09-24 01:27 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-05 18:26 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-05 18:25 - 2013-07-05 18:24 - 00001061 ____A C:\AdwCleaner[S1].txt
2013-07-05 18:25 - 2009-09-24 01:21 - 02087951 ____A C:\Windows\WindowsUpdate.log
2013-07-05 18:24 - 2013-07-05 18:24 - 01934636 ____A (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-07-05 18:24 - 2010-08-10 18:26 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-05 18:23 - 2013-07-05 18:23 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Alex\Desktop\JRT.exe
2013-07-05 18:22 - 2013-07-05 18:22 - 00650027 ____A C:\Users\Alex\Desktop\adwcleaner.exe
2013-07-05 18:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-05 18:17 - 2012-04-07 13:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-05 18:03 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-05 18:03 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-05 13:49 - 2013-07-05 13:49 - 00217056 ____A C:\Users\Alex\Documents\cc_20130705_134928.reg
2013-07-05 13:49 - 2013-07-05 13:49 - 00009506 ____A C:\Users\Alex\Documents\cc_20130705_134953.reg
2013-07-05 13:47 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-05 13:02 - 2013-07-05 12:58 - 00000834 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-07-05 13:02 - 2013-07-05 12:58 - 00000000 ____D C:\Program Files\CCleaner
2013-07-05 12:53 - 2009-09-08 03:24 - 00000000 ____D C:\ProgramData\G DATA
2013-07-05 12:53 - 2009-09-08 03:24 - 00000000 ____D C:\Program Files (x86)\G Data
2013-07-05 07:04 - 2013-07-05 07:04 - 00000000 ____D C:\FRST
2013-07-05 06:55 - 2010-08-10 15:52 - 00000000 __SHD C:\Recovery
2013-07-04 09:14 - 2010-09-04 08:21 - 00000000 ____D C:\Users\Alex\AppData\Roaming\ICQ
2013-07-02 16:08 - 2010-11-05 17:05 - 00000205 ____A C:\Users\Alex\Desktop\Handy IMEI.txt
2013-07-02 12:56 - 2013-07-02 12:51 - 32172789 ____A 
2013-07-02 08:14 - 2010-08-10 16:04 - 00000000 ____D C:\Users\Alex\AppData\Local\Google
2013-07-01 10:20 - 2011-06-07 16:20 - 00000040 ____A C:\ProgramData\ra3.ini
2013-06-29 14:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 18:30 - 2009-09-08 02:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-15 18:28 - 2010-08-11 05:09 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-15 15:17 - 2012-04-07 13:32 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-15 15:17 - 2011-05-14 07:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 07:59 - 2013-06-09 07:59 - 00001014 ____A C:\Users\Alex\Desktop\Emergency 2012.lnk
2013-06-09 07:58 - 2013-06-09 07:58 - 00000000 ____D C:\Users\Alex\AppData\Local\Quadriga Games
2013-06-09 07:25 - 2010-08-10 18:22 - 00000000 ____D C:\Games
2013-06-08 16:08 - 2013-06-15 18:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 18:26 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 18:26 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 18:26 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 18:26 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 18:26 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 18:26 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 18:26 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 11:21

==================== End Of Log ============================
         
--- --- ---


Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Alex at 2013-07-05 18:34:38
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 2.0.3.13070)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3)
Adobe Reader 9.5.1 MUI (x32 Version: 9.5.1)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.0.626)
Advertising Center (x32 Version: 0.0.0.1)
Alice Greenfingers (x32)
Amazonia (x32)
ANNO 2070 (x32 Version: 1.0.0.0)
Apple Software Update (x32 Version: 1.1.0.3)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Birth of the Federation (x32)
CCleaner (Version: 4.03)
Chicken Invaders 2 (x32)
Command & Conquer™ 4 Tiberian Twilight (x32 Version: 1.0.0.0)
Command & Conquer™ Alarmstufe Rot 3 (x32 Version: 1.0.1.0)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Creative ALchemy (SB MB Edition) (x32)
Creative Sound Blaster MB (x32 Version: 1.0)
D3DX10 (x32 Version: 15.4.2368.0902)
Dairy Dash (x32)
Defcon v1.6 (x32)
Der VerkehrsGigant (x32)
Die Sims™ 3 (x32 Version: 1.29.55)
DivX-Setup (x32 Version: 2.5.0.8)
Dream Day First Home (x32)
EAX4 Unified Redist (x32 Version: 4.001)
eBay Worldwide (x32 Version: 2.1.0703)
Elevated Installer (x32 Version: 2.1.13)
Emergency 2012 (x32)
Emergency4 (x32 Version: 1.03.001)
ESN Sonar (x32 Version: 0.70.4)
F1 2002 (x32)
F1 2010 (x32 Version: 1.0.0000.132)
F1 2010 (x32 Version: 1.0.0001.132)
Farm Frenzy 2 (x32)
FIFA Fussball-Weltmeisterschaft 2006 (TM) (x32)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0)
Garmin Communicator Plugin (x32 Version: 2.9.3)
Garmin Express (x32 Version: 2.1.13)
Garmin Express Tray (x32 Version: 2.1.13)
Garmin Update Service (x32 Version: 2.1.13)
Garmin USB Drivers (x32 Version: 2.3.0.0)
GIMP 2.6.10 (x32 Version: 2.6.10)
Google Earth (x32 Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.149)
Granny In Paradise (x32)
Heroes of Hellas (x32)
ICQ7.2 (x32 Version: 7.2)
Identity Card (x32 Version: 1.00.3001)
ImagXpress (x32 Version: 7.0.74.0)
Indeo® software (x32)
Intel(R) Network Connections 14.3.100.0 (Version: 14.3.100.0)
Intel® Matrix Storage Manager
Java Auto Updater (x32 Version: 2.0.6.1)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
Jetfighter 5 (x32 Version: 1.00.0000)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Lidl-Fotos (x32)
Loksim3D (x32 Version: 2.7.2)
MAGIX Foto Manager 8 (x32 Version: 6.0.1.499)
MAGIX Fotobuch 3.6 (x32 Version: 3.6)
MAGIX Media Suite (x32 Version: 1.13.0.112)
MAGIX Online Druck Service (x32 Version: 3.4.3.0)
MAGIX Ringtone Maker SE (x32 Version: 3.1.0.5)
Merriam Websters Spell Jam (x32)
Metaboli (x32 Version: 1.00.0006)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 9.0.1 (x86 de) (x32 Version: 9.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
mufin player (x32 Version: 1.0.0.98)
MyTube Internet Recorder (x32 Version: 2.08.1115)
Need for Speed(TM) Hot Pursuit (x32 Version: 1.0.0.0)
Need for Speed™ SHIFT (x32 Version: 1.0.0.0)
Nero 9 Essentials (x32)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.7.201)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.7.201)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express Help (x32 Version: 9.4.9.100)
Nero InfoTool (x32 Version: 6.4.7.201)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero Move it (x32 Version: 1.2.0.0)
Nero Move it Essentials (x32)
Nero Move it Help (x32 Version: 1.0.0.0)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero StartSmart (x32 Version: 9.4.11.201)
Nero StartSmart Help (x32 Version: 9.4.11.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
NeroExpress (x32 Version: 9.4.9.201)
neroxml (x32 Version: 1.0.0)
Norton Online Backup (x32 Version: 1.2.0.36)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.10.0513)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL (x32)
OpenOffice.org 3.2 (x32 Version: 3.2.9502)
Origin (x32 Version: 8.5.0.4554)
Packard Bell GameZone Console (x32 Version: 5.1.2.3)
Packard Bell InfoCentre (x32 Version: 3.02.3000)
Packard Bell Recovery Management (x32 Version: 4.05.3003)
Packard Bell Registration (x32 Version: 1.02.3006)
Packard Bell ScreenSaver (x32 Version: 1.1.0812)
Packard Bell Updater (x32 Version: 1.01.3014)
Pando Media Booster (x32 Version: 2.6.0.8)
PunkBuster Services (x32 Version: 0.991)
PVSonyDll (Version: 1.00.0001)
QuickTime (x32 Version: 7.1.6.200)
Rapture3D 2.4.4 Game (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5898)
Samsung_MonSetup (x32 Version: 1.00.0000)
Serif DrawPlus X2 (x32 Version: 9.0.4.024)
Serif PhotoPlus X2 (x32 Version: 12.0.2.011)
Serif WebPlus X2 (x32 Version: 11.0.5.029)
SHIFT 2 UNLEASHED™ (x32 Version: 1.0.0.0)
Silent Hunter 4 Wolves of the Pacific (x32 Version: 1.04.0000)
Star Defender 4 (x32)
Star Trek Bridge Commander (x32)
Star Trek Online (x32)
StarCraft II (x32 Version: 1.3.4.18701)
Tom Clancy's Rainbow Six Vegas 2 (x32 Version: 1.00)
Tom Clancy's Splinter Cell Double Agent (x32 Version: 1.00.0000)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)
VLC media player 1.1.2 (x32 Version: 1.1.2)
Welcome Center (x32 Version: 1.00.3006)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8064.206)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR
X3: Reunion v2.0.02 (x32)
You Don't Know Jack 4 1.00 (x32 Version: 1.00)

==================== Restore Points  =========================

05-07-2013 10:45:55 Windows Update
05-07-2013 10:49:39 G Data InternetSecurity SE wurde entfernt.
05-07-2013 12:04:43 Windows-Sicherung
05-07-2013 15:54:41 Windows-Sicherung
05-07-2013 16:08:19 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0198DB66-626D-4BA2-92CD-65D7B0CE94D4} - System32\Tasks\{BECE4FF7-68C6-4B89-9998-290FB9F6220B} => C:\setup.exe No File
Task: {1671C3CF-6031-4840-BB79-CBD639005093} - System32\Tasks\{D80DE456-D805-44AA-9A0B-9284BF2EA714} => C:\setup.exe No File
Task: {1CD1D2B8-1C3E-40F5-85B2-801163D91DA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1E4EAF20-4313-4083-8933-45462776E479} - System32\Tasks\{404F125E-1E43-4152-92BB-D8ED2BD25FD5} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {23504127-829C-41A4-9AE4-E60B4EC9D004} - System32\Tasks\{4902CB15-5CF8-49C3-AB79-F3A2743A5236} => C:\setup.exe No File
Task: {280E8F27-EEDB-4001-BF45-420F71B8C3C3} - System32\Tasks\{709F9F2E-EA5C-4882-A91C-F5055B5D3E6C} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {2C1A382D-AB28-4093-8A56-EAAF6F1B7D71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-15] (Adobe Systems Incorporated)
Task: {2E4E01A8-7974-4B83-A593-5F5F04E1096C} - System32\Tasks\{0FBFC819-3C1E-4A24-9FFC-D9BD99C2C053} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {31BD90A9-6EEE-4BA1-8818-2AC9FB9E7AC3} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2007-01-11] (Apple Computer, Inc.)
Task: {325523A9-BD59-4FD2-A092-FC4E659E0950} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {3277E963-44A7-4809-B02C-096A97EC44D2} - System32\Tasks\{9702E72F-D5CB-49E1-864D-8A3A1E4D14D5} => C:\setup.exe No File
Task: {35743958-8EFE-4C1E-88B3-C2D750A474E6} - System32\Tasks\{602CBC3E-A0F8-456A-975B-FDB388D08512} => C:\Games\You dont know Jack 2\setup.exe No File
Task: {36E7D2C1-76CE-49A0-9377-8DE1016969D7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {3AFD10E9-FAD2-4824-97DD-F0867B05021C} - System32\Tasks\{4F18E923-38CE-4748-92B5-9E34EC7FCBAB} => C:\Games\You dont know Jack 2\setup.exe No File
Task: {3BDC2C68-1DB3-4E1C-8AA0-E872F3307274} - System32\Tasks\{A2F03ECD-95AE-4754-B37A-6179B676FE3C} => C:\Games\You Don't Know Jack 4\YDKJ 4.exe [2003-08-27] (Jellyivision, Inc)
Task: {3CB44190-4D30-46B1-9C89-17B91C0F0230} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe No File
Task: {42B45709-CC86-4C40-9446-CBD8C32CA6A7} - System32\Tasks\{C50B6469-B79B-4D1F-AD9B-0633F5E88DD6} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {49E07D8C-49EC-4727-8482-C5EFE5FCE6C8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {4BF75BD7-5642-42C2-863C-2D49DDF6D87A} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03] (Adobe Systems Incorporated)
Task: {5A17FFB1-CD42-42DC-80B2-7F2191821B3D} - System32\Tasks\{CA47CD84-E322-4970-BC54-E379870DB48F} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {5B983AFE-75F1-444F-9FC8-A188A327B053} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-10] (Google Inc.)
Task: {5CD613BB-79C6-4255-8D31-59DC97CF7AFC} - System32\Tasks\{F527AB1E-64E7-4E8E-A15C-F5FA873FB061} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {64FE417F-5F24-47FE-8504-83EEB203602E} - System32\Tasks\{8257F25E-04B9-4FDC-BA89-FF02F21F4B0F} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {668D637E-751F-43BE-9011-C9CCED5AF763} - System32\Tasks\{8BF1877C-FAD1-44A0-A3ED-CA833F55DC79} => C:\Games\You dont know Jack 2\AUTOPLAY.EXE No File
Task: {69CE574C-30C8-4027-A75A-28320848BDEB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {6C4AA1FA-EFEC-4754-A704-B9B8644C006C} - System32\Tasks\{D2276625-69C5-4F6E-99E6-57B8F5A31641} => C:\setup.exe No File
Task: {7031551B-7225-4FF5-AE0D-62646EA567AE} - System32\Tasks\{11B5B5DE-A00E-4F7E-A338-8C4679A5B0A1} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {805FC837-FA6E-4319-AC01-9DB1EA87268B} - System32\Tasks\{C571D891-F01D-476B-B040-7FE1BA23AFEF} => C:\Games\You dont know Jack 2\setup.exe No File
Task: {90CBD689-4EC6-4D4B-9347-BC41831091F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-10] (Google Inc.)
Task: {90FA2955-2D7D-4936-8D95-56031DD9D5DB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {92004C21-8465-4C63-99AD-21458156CCAD} - System32\Tasks\{720139FC-17C4-4C11-B94C-8A53F2FFFBA6} => C:\Games\You dont know Jack 2\jg2_32.exe No File
Task: {9364523C-24A8-4D5B-A3AF-A047103C8328} - System32\Tasks\{B199D4C2-AFBA-431A-80C5-EBE8BF07BC31} => C:\Games\You Don't Know Jack 4\YDKJ 4.exe [2003-08-27] (Jellyivision, Inc)
Task: {9458F889-6804-402D-B885-1970D9D67C45} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {982A0640-ED46-4153-8873-14D1C4F01D2E} - System32\Tasks\{3EBD86DD-BF7E-455A-AEBE-1AC8498CC449} => C:\setup.exe No File
Task: {9EAD71F4-BABA-4BE0-8D69-323460C80B05} - System32\Tasks\{DACED536-2EE3-4794-A80C-33B50CBC5781} => C:\Games\You dont know Jack 2\setup.exe No File
Task: {AEA8CB50-DA4F-4CCF-9DA0-FE52D69C0E74} - System32\Tasks\{73B6976A-FC4F-4DFA-9269-640CA2E0AD1B} => C:\setup.exe No File
Task: {AEF3DC2D-65C1-414F-A037-336ACB469328} - System32\Tasks\{FAD22F58-2CB9-42AC-AA6C-E1B0F4DECEE0} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {BC7010A8-FD9D-4A41-BF0C-73718268964C} - System32\Tasks\{59E2E809-EF42-43E3-A1B1-6D85AE55B6A0} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: {BDB9B28E-24A4-4694-924D-5BECE0F498BE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {C103B3BE-F34A-4922-9949-0E0D6808D733} - System32\Tasks\{4494591B-8BD1-4A5B-8E9E-C48270870483} => C:\setup.exe No File
Task: {D3E7580A-6C2D-4A70-A843-99722D4DA208} - System32\Tasks\{C4AFF8C1-A799-489F-8F77-A910AA4FDE10} => C:\setup.exe No File
Task: {D8BE2FFC-6195-4D3B-BF2A-D502773F35B0} - System32\Tasks\{93A3CE47-E9B8-4DA0-8BEA-63F77A2DAA9D} => C:\Games\You dont know Jack 2\AUTOPLAY.EXE No File
Task: {E229705D-1E09-45A0-896F-05D7162AD58D} - System32\Tasks\{31DA533E-B495-416D-BBB5-B43849E54DBC} => C:\setup.exe No File
Task: {E6824B82-226D-436A-BA67-7518B8A961EF} - System32\Tasks\{EBD49069-0137-48EF-A25C-C022CB73D5E8} => C:\Games\You Don't Know Jack 4\YDKJ 4.exe [2003-08-27] (Jellyivision, Inc)
Task: {EE44D4A0-0AA2-43BF-A5EB-0E8E1C63F11E} - System32\Tasks\{1317271C-9A47-4251-B110-7E8F5A3846E3} => C:\Games\You dont know Jack 2\setup.exe No File
Task: {FC55D004-4A71-4FB4-8949-EFA660480D0A} - System32\Tasks\{C4095ABE-F88D-4D60-843B-2EF8B4309FC7} => C:\Program Files (x86)\Ubisoft\SilentHunterIII\sh3.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 6135.08 MB
Available physical RAM: 4761.84 MB
Total Pagefile: 12268.34 MB
Available Pagefile: 10777.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:911.41 GB) (Free:675.81 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D82CFC90)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

05.07.2013, 17:57   #8
schrauber
/// the machine
/// TB Instructor

Great, one online scan and we're through.


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Check the box next to Yes, I accept the Terms of Use and click Start.
  • Enable the "detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

05.07.2013, 20:41   #9
Bullet207



So ESET found something, in 4 files.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3203f33cc0223b4daff99cde8d9bdabb
# engine=14283
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-05 07:29:16
# local_time=2013-07-05 09:29:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 10205 124682406 0 0
# scanned=393570
# found=4
# cleaned=0
# scan_time=7002
sh=7BD674E6976004DF518A0117B3874016AEDC8FDC ft=1 fh=ae879e8bd8c5267a vn="a variant of Win32/Kryptik.BEZJ trojan" ac=I fn="C:\FRST\Quarantine\skype.dat"
sh=7BD674E6976004DF518A0117B3874016AEDC8FDC ft=1 fh=ae879e8bd8c5267a vn="a variant of Win32/Kryptik.BEZJ trojan" ac=I fn="C:\Users\Alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\dea5eb0-4827d01f"
sh=536B6BC8AD79A7E3226FA067EEFD982367F4022D ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.AT trojan" ac=I fn="C:\Users\Alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\7e0277f6-772cde3f"
sh=7341D8867525EEC52015DA8437CBF131C9488546 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\21d4943c-32e02648"
         
Security Check doesn't work

Code:
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
And finally the current FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Alex (administrator) on 05-07-2013 21:33:56
Running from C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\System32\OEM\RunCmd_X64.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
() c:\windows\system32\oem\setEvent.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLD_FrameworkRun] c:\Windows\System32\oem\RunCMD_X64.exe c:\Windows\System32\oem\OKTOLaunch_PLD_Framework.cmd [133 2009-08-26] ()
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-08] (Google Inc.)
HKCU\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2011-01-05] (ICQ, LLC.)
HKCU\...\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [SBMBActivation] "C:\Program Files (x86)\Creative\ALchemy SB MB\CTActMgr.exe" /activate [1402392 2008-03-10] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-03-21] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-22] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_i9098_ge&r=173608105409p0324v175y47610201
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fl33aulf.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

==================== Services (Whitelisted) =================

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-11-26] ()
S3 Sound Blaster MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\SBMBLicensing.exe [79360 2009-09-24] (Creative Labs)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [34472 2009-06-24] (Intel Corporation )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-05 21:33 - 2013-07-05 21:33 - 00000041 ____A C:\Users\Alex\Desktop\checkup.txt
2013-07-05 19:17 - 2013-07-05 19:17 - 00890988 ____A C:\Users\Alex\Desktop\SecurityCheck.exe
2013-07-05 19:16 - 2013-07-05 19:16 - 02347384 ____A (ESET) C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2013-07-05 18:34 - 2013-07-05 18:34 - 00021590 ____A C:\Users\Alex\Desktop\Addition.txt
2013-07-05 18:32 - 2013-07-05 18:32 - 00001726 ____A C:\Users\Alex\Desktop\JRT.txt
2013-07-05 18:29 - 2013-07-05 18:29 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 18:27 - 2013-07-05 18:27 - 00001061 ____A C:\Users\Alex\Desktop\AdwCleaner[S1].txt
2013-07-05 18:26 - 2013-07-05 18:26 - 00000056 ____A C:\Windows\setupact.log
2013-07-05 18:26 - 2013-07-05 18:26 - 00000000 ____A C:\Windows\setuperr.log
2013-07-05 18:24 - 2013-07-05 18:25 - 00001061 ____A C:\AdwCleaner[S1].txt
2013-07-05 18:24 - 2013-07-05 18:24 - 01934636 ____A (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-07-05 18:23 - 2013-07-05 18:29 - 00000000 ____D C:\JRT
2013-07-05 18:23 - 2013-07-05 18:23 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Alex\Desktop\JRT.exe
2013-07-05 18:22 - 2013-07-05 18:22 - 00650027 ____A C:\Users\Alex\Desktop\adwcleaner.exe
2013-07-05 13:49 - 2013-07-05 13:49 - 00217056 ____A C:\Users\Alex\Documents\cc_20130705_134928.reg
2013-07-05 13:49 - 2013-07-05 13:49 - 00009506 ____A C:\Users\Alex\Documents\cc_20130705_134953.reg
2013-07-05 12:58 - 2013-07-05 13:02 - 00000834 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-07-05 12:58 - 2013-07-05 13:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-05 07:04 - 2013-07-05 07:04 - 00000000 ____D C:\FRST
2013-06-15 18:27 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 18:27 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-15 18:27 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 18:27 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-15 18:27 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 18:27 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-15 18:27 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-15 18:27 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-15 18:26 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 18:26 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 18:26 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 18:26 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 18:26 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 18:26 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 18:26 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 18:26 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 18:26 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 13:43 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 13:39 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 13:39 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 13:38 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 13:38 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 13:38 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-15 13:38 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-15 13:37 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 13:37 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 13:37 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 13:37 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 13:37 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 13:37 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 13:37 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 13:37 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 13:37 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 13:37 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 13:36 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-15 13:36 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 07:59 - 2013-06-09 07:59 - 00001014 ____A C:\Users\Alex\Desktop\Emergency 2012.lnk
2013-06-09 07:58 - 2013-06-09 07:58 - 00000000 ____D C:\Users\Alex\AppData\Local\Quadriga Games
2013-06-08 14:58 - 2013-06-08 14:59 - 28023137 ____A 

==================== One Month Modified Files and Folders =======

2013-07-05 21:33 - 2013-07-05 21:33 - 00000041 ____A C:\Users\Alex\Desktop\checkup.txt
2013-07-05 21:24 - 2010-08-10 18:26 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-05 21:17 - 2012-04-07 13:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-05 20:07 - 2009-09-24 01:21 - 02096300 ____A C:\Windows\WindowsUpdate.log
2013-07-05 19:19 - 2009-09-24 11:13 - 00654150 ____A C:\Windows\System32\perfh007.dat
2013-07-05 19:19 - 2009-09-24 11:13 - 00130022 ____A C:\Windows\System32\perfc007.dat
2013-07-05 19:19 - 2009-07-14 07:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 19:17 - 2013-07-05 19:17 - 00890988 ____A C:\Users\Alex\Desktop\SecurityCheck.exe
2013-07-05 19:16 - 2013-07-05 19:16 - 02347384 ____A (ESET) C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2013-07-05 19:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-05 18:34 - 2013-07-05 18:34 - 00021590 ____A C:\Users\Alex\Desktop\Addition.txt
2013-07-05 18:34 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-05 18:34 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-05 18:32 - 2013-07-05 18:32 - 00001726 ____A C:\Users\Alex\Desktop\JRT.txt
2013-07-05 18:29 - 2013-07-05 18:29 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 18:29 - 2013-07-05 18:23 - 00000000 ____D C:\JRT
2013-07-05 18:27 - 2013-07-05 18:27 - 00001061 ____A C:\Users\Alex\Desktop\AdwCleaner[S1].txt
2013-07-05 18:26 - 2013-07-05 18:26 - 00000056 ____A C:\Windows\setupact.log
2013-07-05 18:26 - 2013-07-05 18:26 - 00000000 ____A C:\Windows\setuperr.log
2013-07-05 18:26 - 2010-08-10 18:26 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-05 18:26 - 2009-09-24 01:27 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-05 18:26 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-05 18:25 - 2013-07-05 18:24 - 00001061 ____A C:\AdwCleaner[S1].txt
2013-07-05 18:24 - 2013-07-05 18:24 - 01934636 ____A (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-07-05 18:23 - 2013-07-05 18:23 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Alex\Desktop\JRT.exe
2013-07-05 18:22 - 2013-07-05 18:22 - 00650027 ____A C:\Users\Alex\Desktop\adwcleaner.exe
2013-07-05 13:49 - 2013-07-05 13:49 - 00217056 ____A C:\Users\Alex\Documents\cc_20130705_134928.reg
2013-07-05 13:49 - 2013-07-05 13:49 - 00009506 ____A C:\Users\Alex\Documents\cc_20130705_134953.reg
2013-07-05 13:47 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-05 13:02 - 2013-07-05 12:58 - 00000834 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-07-05 13:02 - 2013-07-05 12:58 - 00000000 ____D C:\Program Files\CCleaner
2013-07-05 12:53 - 2009-09-08 03:24 - 00000000 ____D C:\ProgramData\G DATA
2013-07-05 12:53 - 2009-09-08 03:24 - 00000000 ____D C:\Program Files (x86)\G Data
2013-07-05 07:04 - 2013-07-05 07:04 - 00000000 ____D C:\FRST
2013-07-05 06:55 - 2010-08-10 15:52 - 00000000 __SHD C:\Recovery
2013-07-04 09:14 - 2010-09-04 08:21 - 00000000 ____D C:\Users\Alex\AppData\Roaming\ICQ
2013-07-02 16:08 - 2010-11-05 17:05 - 00000205 ____A C:\Users\Alex\Desktop\Handy IMEI.txt
2013-07-02 08:14 - 2010-08-10 16:04 - 00000000 ____D C:\Users\Alex\AppData\Local\Google
2013-07-01 10:20 - 2011-06-07 16:20 - 00000040 ____A C:\ProgramData\ra3.ini
2013-06-29 14:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 18:30 - 2009-09-08 02:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-15 18:28 - 2010-08-11 05:09 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-15 15:17 - 2012-04-07 13:32 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-15 15:17 - 2011-05-14 07:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 07:59 - 2013-06-09 07:59 - 00001014 ____A C:\Users\Alex\Desktop\Emergency 2012.lnk
2013-06-09 07:58 - 2013-06-09 07:58 - 00000000 ____D C:\Users\Alex\AppData\Local\Quadriga Games
2013-06-09 07:25 - 2010-08-10 18:22 - 00000000 ____D C:\Games
2013-06-08 16:08 - 2013-06-15 18:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 18:26 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 18:26 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 18:26 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 18:26 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 18:26 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 18:26 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 18:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 18:26 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 11:21

==================== End Of Log ============================
         
--- --- ---

Old 06.07.2013, 08:50   #10
schrauber
/// the machine
/// TB instructor

ESET only finds things that are already in quarantine, or just temp files.

Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.


Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all of its own remnants.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed if you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it asks you to and is nice and colorful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from e-mails you don't know. Above all, pay attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me a short reply when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Old 07.07.2013, 10:50   #11
Bullet207

All done. I will now probably switch to Firefox for good; I always had it as a second browser, but mostly used IE.
Many thanks for the help and the closing tips on additional system security. Huge thanks... really top!

Old 07.07.2013, 11:20   #12
schrauber
/// the machine
/// TB instructor

You're welcome
__________________
Regards,
schrauber

