| |
| |||||||
Log-Analyse und Auswertung: Win 7 started nicht! Nur schwarzer Bildschirm mit Cursor oben links!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.12.2013, 19:04
| #1 |
| |  Win 7 started nicht! Nur schwarzer Bildschirm mit Cursor oben links! Hallo  Ich habe das Problem das beim starten von windows 7 nur ein schwarzer Bildschirm mit Cursor oben links! Ich habe mein pc schon auseinandergebaut und habe mir identische Foren durchgelesen! Auf der Seite http://www.trojaner-board.de/104065-...ben-links.html habe ich eine ausführlich Anleitung gefunden! Ich habe alles gemacht was der Herr Cosinus geschrieben hat Ich habe grade einen Run Scan gemacht! OTL Logfile:Code:
ATTFilter OTL logfile created on: 12/5/2013 6:13:12 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 73.50 Mb Free Space | 73.50% Space Free | Partition Type: NTFS
Drive D: | 288.09 Gb Total Space | 111.77 Gb Free Space | 38.80% Space Free | Partition Type: NTFS
Drive E: | 97.56 Gb Total Space | 32.59 Gb Free Space | 33.41% Space Free | Partition Type: NTFS
Drive F: | 545.77 Gb Total Space | 17.55 Gb Free Space | 3.22% Space Free | Partition Type: NTFS
Drive G: | 29.67 Gb Total Space | 29.67 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2013/09/21 03:36:28 | 000,239,616 | ---- | M] (AMD) [Auto] -- E:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/09/20 20:58:34 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto] -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/10/08 07:17:48 | 003,032,032 | ---- | M] () [Auto] -- E:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -- (BitGuard)
SRV - [2013/10/07 13:48:17 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/30 23:50:46 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/09/30 23:50:25 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- E:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/09/30 23:50:19 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/09/30 10:20:17 | 000,076,888 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/09/23 20:18:26 | 000,164,816 | ---- | M] (APN LLC.) [Auto] -- E:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/09/21 13:35:00 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand] -- E:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/31 03:22:55 | 003,233,806 | ---- | M] () [Auto] -- E:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013/06/21 02:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto] -- E:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/20 12:45:14 | 000,746,392 | ---- | M] (Tunngle.net GmbH) [On_Demand] -- E:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/02/05 10:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- E:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/08 17:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/09/30 23:50:59 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- E:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/09/30 23:50:59 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- E:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/09/30 23:50:59 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- E:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/09/21 04:38:34 | 012,653,568 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/09/21 03:06:04 | 000,617,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/07/05 03:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- E:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/06/18 21:39:40 | 000,034,816 | ---- | M] (Advanced Micro Devices) [Kernel | Auto] -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0)
DRV:64bit: - [2011/08/23 08:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/17 05:18:00 | 000,080,384 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand] -- E:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/08/17 05:18:00 | 000,057,088 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand] -- E:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/09/16 01:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand] -- E:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2007/11/22 07:48:46 | 010,733,184 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=8AD000FFADEDE16E&affID=121564&tsp=4956
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=1749322d-8c8a-419b-9322-6e0d4f52d81e&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate=24/05/2013
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=1749322d-8c8a-419b-9322-6e0d4f52d81e&affid=111583&searchtype=hp&babsrc=lnkry_nt&installDate=24/05/2013
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 96 75 7F 52 BC 21 CE 01 [binary data]
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=1749322d-8c8a-419b-9322-6e0d4f52d81e&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate=24/05/2013
IE - HKU\Bohne_ON_E\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=1749322d-8c8a-419b-9322-6e0d4f52d81e&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate=24/05/2013
IE - HKU\Bohne_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7: E:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0: E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: E:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: E:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll (McAfee, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/05/03 10:54:39 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/07 13:48:18 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/07 13:48:18 | 000,000,000 | ---D | M] (Default) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2013/12/05 18:10:05 | 000,000,098 | ---- | M]) - E:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - File not found
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - E:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - E:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - E:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (WhiteSmoke New V6 Toolbar) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - E:\Program Files (x86)\WhiteSmoke_New_V6\prxtbWhit.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - E:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - E:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (WhiteSmoke New V6 Toolbar) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - E:\Program Files (x86)\WhiteSmoke_New_V6\prxtbWhit.dll (Conduit Ltd.)
O3 - HKU\Bohne_ON_E\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - E:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp325] E:\Windows\vsnp325.exe ()
O4 - HKLM..\Run: [ApnTBMon] E:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avgnt] E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [FixCamera] E:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] E:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [snpstd3] E:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnp325] E:\Windows\tsnp325.exe ()
O4 - HKLM..\Run: [tsnpstd3] E:\Windows\tsnpstd3.exe ()
O4 - HKU\Bohne_ON_E..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\Bohne_ON_E..\Run: [Browser Infrastructure Helper] E:\Users\Bohne\AppData\Local\Smartbar\Application\Linkury.exe (Smartbar)
O4 - HKU\Bohne_ON_E..\Run: [ConduitFloatingPlugin_ibcgjcbeckcdemelifnledhihpaighfk] E:\Program Files (x86)\Conduit\CT3311268\plugins\TBVerifier.dll (Conduit Ltd.)
O4 - HKU\Bohne_ON_E..\Run: [EADM] E:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\Bohne_ON_E..\Run: [HP Officejet 6700 (NET)] E:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\Bohne_ON_E..\Run: [NTRedirect] E:\Users\Bohne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll ()
O4 - HKU\Bohne_ON_E..\Run: [Raptr] E:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - File not found
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - E:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll) - E:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/12/05 18:10:04 | 000,000,000 | ---D | C] -- E:\_OTL
[2013/04/12 11:44:32 | 000,147,456 | ---- | C] ( ) -- E:\Windows\SysWow64\rsnp325.dll
[2013/04/12 11:44:32 | 000,057,344 | ---- | C] ( ) -- E:\Windows\SysWow64\vsnp325.dll
[2013/04/12 11:44:32 | 000,053,248 | ---- | C] ( ) -- E:\Windows\SysWow64\csnp325.dll
[2013/04/12 11:31:46 | 000,163,840 | ---- | C] ( ) -- E:\Windows\SysWow64\rsnpstd3.dll
[2013/04/12 11:31:46 | 000,061,440 | ---- | C] ( ) -- E:\Windows\SysWow64\vsnpstd3.dll
[2013/04/12 11:31:46 | 000,053,248 | ---- | C] ( ) -- E:\Windows\csnpstd3.dll
[2013/03/29 13:17:10 | 000,216,064 | ---- | C] ( ) -- E:\Windows\SysWow64\lagarith.dll
[3 E:\Users\Bohne\Documents\*.tmp files -> E:\Users\Bohne\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/12/05 18:10:05 | 000,000,098 | ---- | M] () -- E:\Windows\System32\drivers\etc\Hosts
[2013/11/15 16:28:11 | 000,000,618 | ---- | M] () -- E:\Users\Bohne\Desktop\Fraps.lnk
[2013/11/15 16:28:09 | 000,002,731 | ---- | M] () -- E:\Users\Bohne\Desktop\Search.lnk
[2013/11/15 16:28:09 | 000,001,842 | ---- | M] () -- E:\Users\Bohne\Desktop\DivX Movies.lnk
[2013/11/15 16:28:09 | 000,001,537 | ---- | M] () -- E:\Users\Bohne\Desktop\8-bit_ Gorillaz - Feel Good Inc. - Verknüpfung.lnk
[3 E:\Users\Bohne\Documents\*.tmp files -> E:\Users\Bohne\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/09/21 04:23:02 | 000,995,342 | ---- | C] () -- E:\Windows\SysWow64\amdocl_as32.exe
[2013/09/21 04:23:02 | 000,798,734 | ---- | C] () -- E:\Windows\SysWow64\amdocl_ld32.exe
[2013/09/21 03:00:44 | 000,204,952 | ---- | C] () -- E:\Windows\SysWow64\ativvsvl.dat
[2013/09/21 03:00:44 | 000,157,144 | ---- | C] () -- E:\Windows\SysWow64\ativvsva.dat
[2013/09/20 22:28:48 | 000,038,912 | ---- | C] () -- E:\Windows\SysWow64\kdbsdk32.dll
[2013/06/20 11:44:37 | 000,000,017 | ---- | C] () -- E:\Users\Bohne\AppData\Local\resmon.resmoncfg
[2013/04/23 12:25:03 | 000,002,623 | ---- | C] () -- E:\Windows\Irremote.ini
[2013/04/12 11:44:33 | 000,835,584 | ---- | C] () -- E:\Windows\vsnp325.exe
[2013/04/12 11:44:33 | 000,270,336 | ---- | C] () -- E:\Windows\tsnp325.exe
[2013/04/12 11:44:33 | 000,015,498 | ---- | C] () -- E:\Windows\snp325.ini
[2013/04/12 11:39:29 | 000,003,968 | ---- | C] () -- E:\Windows\SysWow64\drivers\DeNoise.sys
[2013/04/12 11:31:47 | 000,835,584 | ---- | C] () -- E:\Windows\vsnpstd3.exe
[2013/04/12 11:31:47 | 000,360,448 | ---- | C] () -- E:\Windows\tsnpstd3.exe
[2013/04/12 11:31:47 | 000,015,498 | ---- | C] () -- E:\Windows\snpstd3.ini
[2013/04/12 11:23:29 | 000,020,480 | ---- | C] () -- E:\Windows\FixCamera.exe
[2013/03/29 13:17:10 | 000,715,038 | ---- | C] () -- E:\Windows\unins000.exe
[2013/03/29 13:17:10 | 000,001,990 | ---- | C] () -- E:\Windows\unins000.dat
[2013/03/20 13:19:46 | 000,000,057 | ---- | C] () -- E:\ProgramData\Ament.ini
[2013/03/15 16:10:04 | 001,592,628 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/15 15:40:24 | 002,580,552 | ---- | C] () -- E:\Windows\SysWow64\pbsvc.exe
[2013/03/15 15:40:24 | 000,282,296 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2013/03/15 15:40:24 | 000,076,888 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe
[2013/03/15 15:24:52 | 000,000,000 | ---- | C] () -- E:\Windows\ativpsrm.bin
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- E:\Windows\SysWow64\atipblag.dat
[2010/11/20 22:24:49 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
[2008/10/07 02:13:30 | 000,197,912 | ---- | C] () -- E:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 02:13:22 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\SysWow64\AgCPanelFrench.dll
========== LOP Check ==========
[2013/10/01 15:16:30 | 000,000,000 | ---D | M] -- E:\ProgramData\AMD
[2013/03/15 15:15:12 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2013/09/30 23:54:07 | 000,000,000 | ---D | M] -- E:\ProgramData\APN
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2013/03/27 09:31:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Ask
[2013/09/30 23:54:22 | 000,000,000 | ---D | M] -- E:\ProgramData\AskPartnerNetwork
[2013/03/15 15:52:18 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2013/03/31 11:55:15 | 000,000,000 | ---D | M] -- E:\ProgramData\Battle.net
[2013/10/09 13:09:28 | 000,000,000 | ---D | M] -- E:\ProgramData\BitGuard
[2013/04/23 12:53:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Canneverbe Limited
[2013/10/08 16:33:48 | 000,000,000 | ---D | M] -- E:\ProgramData\Conduit
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2013/03/15 15:15:12 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2013/03/15 16:03:13 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Core
[2013/03/16 03:43:38 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Logs
[2013/03/15 16:03:17 | 000,000,000 | ---D | M] -- E:\ProgramData\Electronic Arts
[2013/03/15 15:15:12 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2013/10/01 12:23:11 | 000,000,000 | ---D | M] -- E:\ProgramData\Origin
[2013/10/01 13:10:49 | 000,000,000 | ---D | M] -- E:\ProgramData\Package Cache
[2013/03/16 14:22:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Sony
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2013/03/15 15:15:12 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2013/03/27 11:03:11 | 000,000,000 | ---D | M] -- E:\ProgramData\Tunngle
[2013/03/15 15:15:12 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2013/09/21 02:27:30 | 000,032,632 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Meine Frage ist jetzt wie es weiter gehen soll muss ich die den gleichen Run Fix wie auf der oben geposteten Seite machen oder ist das individuell? Wie ist es möglich, dass Windows wieder Fehlerfrei startet? Vielen Dank Bohne Geändert von Bohne (06.12.2013 um 19:19 Uhr) |
| Themen zu Win 7 started nicht! Nur schwarzer Bildschirm mit Cursor oben links! |
| antivir, autorun, avira, avira searchfree toolbar, bho, bildschirm, cursor, defender, desktop, error, firefox, format, frage, home, launch, logfile, mozilla, object, officejet, plug-in, problem, realtek, registry, scan, schwarzer bildschirm, security, smartbar, software, starten, windows |
Baum-Darstellung