| |
| |||||||
Log-Analyse und Auswertung: Windows 7 HP x64 startet in schwarzen Bildschirm/MauszeigerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.12.2013, 13:05
| #1 |
| |  Windows 7 HP x64 startet in schwarzen Bildschirm/Mauszeiger Sehr geehrtes Board-Team, nach langem Lesen eueres gute Forums und vielen Tipps und Infos habe ich jetzt auch ein Problem : Mein zweit Rechner verweigert leider den Dienst : Hier die tec-Daten: Acer Aspire M3870 Windows 7 HP x64 CPU : i3 RAM 4 GB 1 TB HDD Nvidia Geforce GT330 Dieser bootet ganz normal und startet dann in ein schwarzes Bild mit weißem Mauszeiger. Im Abgesicherten Modus genau das gleiche Spiel. Über diesen Thread : http://www.trojaner-board.de/131309-...auszeiger.html habe ich die FRST64 Log erzeugt, welche ich euch anhänge. Ich hoffe Ihr könnt mir helfen. Bin seit einer Woche am probieren  Vielen Dank im voraus. Gruß Golf30 Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01
Ran by SYSTEM on MININT-53FQF1E on 14-12-2013 12:02:11
Running from M:\
WIN_7 Service Pack 1 (X64) OS Language: German Standard
Boot Mode: Recovery
Attention: Could not load system hive.
==================== Registry (Whitelisted) ==================
ATTENTION: Software hive is not loaded.
==================== Services (Whitelisted) =================
==================== Drivers (Whitelisted) ====================
========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-14 12:01 - 2013-12-14 12:01 - 00000000 ___DC C:\FRST
2013-12-12 08:40 - 2013-12-12 08:40 - 00450968 _____ C:\Windows\Minidump\121213-26925-01.dmp
2013-12-12 08:39 - 2013-12-12 08:39 - 307425428 _____ C:\Windows\MEMORY.DMP
2013-11-14 03:22 - 2013-11-14 03:22 - 00000000 _____ C:\Windows\SysWOW64\shoB35F.tmp
2013-11-14 03:04 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-14 03:04 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-14 03:04 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-11-14 03:04 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-11-14 03:04 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 03:04 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 03:04 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-14 03:04 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 03:04 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-14 03:04 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
==================== One Month Modified Files and Folders =======
2013-12-14 12:01 - 2013-12-14 12:01 - 00000000 ___DC C:\FRST
2013-12-13 13:11 - 2010-12-26 14:35 - 00000000 ____D C:\Windows\System32\logishrd
2013-12-13 13:10 - 2010-05-26 19:08 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-12 08:40 - 2013-12-12 08:40 - 00450968 _____ C:\Windows\Minidump\121213-26925-01.dmp
2013-12-12 08:40 - 2011-10-22 15:43 - 00000000 ____D C:\Windows\Minidump
2013-12-12 08:39 - 2013-12-12 08:39 - 307425428 _____ C:\Windows\MEMORY.DMP
2013-12-11 08:03 - 2013-09-15 01:35 - 00000000 ____D C:\Users\Daniel\Desktop\Dark-Mt2 2012
2013-12-11 08:03 - 2011-04-09 17:09 - 00000000 ___RD C:\Users\Daniel\Desktop\andere sachen
2013-12-03 18:47 - 2012-12-27 10:27 - 00015310 _____ C:\Windows\setupact.log
2013-12-03 18:47 - 2010-12-26 14:35 - 00000000 ____D C:\Windows\SysWOW64\logishrd
2013-12-03 18:47 - 2010-10-05 18:40 - 00000346 _____ C:\Windows\Tasks\RegistryBooster.job
2013-12-03 18:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 18:46 - 2010-05-26 19:02 - 01770302 _____ C:\Windows\WindowsUpdate.log
2013-12-03 18:40 - 2010-09-14 12:50 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 18:39 - 2011-10-30 14:14 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3667366086-543603560-2415944112-1000UA.job
2013-12-03 18:39 - 2011-10-30 14:14 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3667366086-543603560-2415944112-1000Core.job
2013-12-03 18:39 - 2010-09-14 12:50 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-17 17:43 - 2013-05-04 17:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2013-11-17 17:38 - 2012-09-01 23:52 - 00000000 ____D C:\Users\Daniel\Tracing
2013-11-14 03:29 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 03:29 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 03:28 - 2010-05-25 04:19 - 00697300 _____ C:\Windows\System32\perfh007.dat
2013-11-14 03:28 - 2010-05-25 04:19 - 00148338 _____ C:\Windows\System32\perfc007.dat
2013-11-14 03:28 - 2009-07-14 06:13 - 01614964 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-14 03:22 - 2013-11-14 03:22 - 00000000 _____ C:\Windows\SysWOW64\shoB35F.tmp
2013-11-14 03:00 - 2010-10-09 20:39 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\AutoRun.exe
C:\Users\Daniel\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Daniel\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Daniel\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Daniel\AppData\Local\Temp\EAInstall.dll
C:\Users\Daniel\AppData\Local\Temp\eauninstall.exe
C:\Users\Daniel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Daniel\AppData\Local\Temp\tbNCH_.dll
C:\Users\Daniel\AppData\Local\Temp\unwise.exe
C:\Users\Daniel\AppData\Local\Temp\_is7C9E.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: <===== ATTENTION!
HKLM\...\exefile\DefaultIcon: <===== ATTENTION!
HKLM\...\exefile\open\command: <===== ATTENTION!
==================== Restore Points =========================
==================== BCD ================================
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 4023.11 MB
Available physical RAM: 3471.91 MB
Total Pagefile: 4021.31 MB
Available Pagefile: 3477.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.45 GB) (Free:282.86 GB) NTFS
Drive e: (DATA) (Fixed) (Total:453.96 GB) (Free:453.86 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:24 GB) (Free:5.81 GB) NTFS
Drive g: (GSP1RMCPRXFRER_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF
Drive m: () (Removable) (Total:29.67 GB) (Free:29.67 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 18EB46D9)
Partition 1: (Not Active) - (Size=24 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (Size: 30 GB) (Disk ID: 6E652072)
Partition 1: (Active) - (Size=811 GB) - (Type=6E)
Partition 2: (Not Active) - (Size=468 GB) - (Type=FF)
Partition 3: (Not Active) - (Size=80 GB) - (Type=74)
Partition 4: (Not Active) - (Size=26 MB) - (Type=00)
LastRegBack: 2013-09-21 21:06
==================== End Of Log ============================
|
| Themen zu Windows 7 HP x64 startet in schwarzen Bildschirm/Mauszeiger |
| appdata, association, bild, cdrom, check, desktop, dvd, explorer.exe, free, geforce, icon, log, microsoft, minidump, problem, rechner, registry, services.exe, software, startet, svchost.exe, system, system32, temp, tipps, windows, winlogon.exe |
Baum-Darstellung