Zurück   Trojaner-Board > Web/PC > Alles rund um Windows
FRST Scan nach Windows 7 Reboot-Dauerschleife

FRST Scan nach Windows 7 Reboot-Dauerschleife


Alles rund um Windows: FRST Scan nach Windows 7 Reboot-Dauerschleife

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 24.01.2017, 12:58   #1
NJ90
 
FRST Scan nach Windows 7 Reboot-Dauerschleife - Standard

Problem: FRST Scan nach Windows 7 Reboot-Dauerschleife


Guten Tag,

ich habe hier ein Log-File von FRST.
Genutzt habe ich FRST aus folgendem Grund:

Mein Windows 7 64 bit System bootet nicht mehr.
ES kommt zu einer Windows Starthilfe / Windows Normal starten Dauerschleife.
Da ich auf einer anderen Festplatte Windows 10 habe kann ich von dort zugreifen und die andere Platte abscannen.
Aber bevor ich dort mit einer Software alles abscanne habe ich mit FRST im Recovery-Modus von Windows 7 einen Scan durchgeführt welches ich hier gerne präsentieren möchte.
In der Log-Datei habe ich meinen Benutzernamen mit ***** ersetzt!!!


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2017
Ran by SYSTEM on MININT-5JA955D (24-01-2017 11:53:16)
Running from G:\
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17361016 2016-12-19] (Logitech Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454656 2016-01-21] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [157696 2016-01-21] (Saitek)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16717832 2016-10-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [298776 2015-11-19] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-08] (Geek Software GmbH)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-06] (Avira Operations GmbH & Co. KG)
GroupPolicy: Restriction <======= ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-12] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-06] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-12] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [389392 2016-11-02] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284224 2016-12-23] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-07] (GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2016-12-19] (Logitech Inc.)
S2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3877768 2016-12-12] (Paramount Software UK Ltd)
S2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-25] (Nitro PDF Software)
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-05] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-05] (NVIDIA Corporation)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-01-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-13] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-13] (Electronic Arts)
S3 OVRLibraryService; C:\Program Files (x86)\Oculus\Support\oculus-librarian\OVRLibraryService.exe [207656 2016-12-13] (Oculus VR, LLC)
S2 OVRService; C:\program files (x86)\Oculus_0800\Service\OVRServiceLauncher.exe [328840 2015-10-21] (Oculus VR)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-08] (Geek Software GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-10-17] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2017-01-23] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [321032 2016-10-21] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2012-06-04] (Google Inc)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-06] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-06] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-12-06] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-12-06] (Avira Operations GmbH & Co. KG)
S0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35864 2016-12-06] (Avira Operations GmbH & Co. KG)
S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation)
S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-12-19] (Logitech Inc.)
S3 lgLowAudio; C:\Windows\System32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [177952 2015-06-11] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-05] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-05] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-01-05] (NVIDIA Corporation)
S3 OCUSBVID; C:\Windows\System32\DRIVERS\ocusbvid109.sys [68664 2016-08-26] (Oculus VR, LLC)
S1 RiftEnabler; C:\Windows\System32\DRIVERS\RiftEnabler.sys [55880 2015-10-21] (Oculus VR, LLC)
S3 SaiK075C; C:\Windows\System32\DRIVERS\SaiK075C.sys [181920 2016-02-02] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [23968 2016-02-02] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [51616 2016-02-02] (Saitek)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
S3 libusb0; system32\drivers\libusb0.sys [X]
S3 PCASp60; System32\Drivers\PCASp60.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-24 11:52 - 2017-01-24 11:53 - 00000000 ____D C:\FRST
2017-01-23 12:33 - 2017-01-23 05:18 - 00000000 ____D C:\Windows\System32\config\myregbackup
2017-01-23 10:26 - 2017-01-23 10:26 - 02434856 _____ C:\Windows\SysWOW64\pbsvc_bc2.exe
2017-01-23 10:26 - 2017-01-23 10:26 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-01-23 06:13 - 2017-01-23 06:13 - 172228608 _____ C:\Rescue.iso
2017-01-23 05:40 - 2017-01-23 05:40 - 00000000 ____D C:\Users\*****\Downloads\Win7
2017-01-23 04:58 - 2017-01-23 04:58 - 00000000 _____ C:\Users\*****\wmic
2017-01-23 04:58 - 2017-01-23 04:58 - 00000000 _____ C:\Users\*****\root
2017-01-23 04:58 - 2017-01-23 04:58 - 00000000 _____ C:\Users\*****\DeviceID
2017-01-23 04:58 - 2017-01-23 04:58 - 00000000 _____ C:\Users\*****\cd
2017-01-23 04:58 - 2017-01-23 04:58 - 00000000 _____ C:\Users\*****\bootrec
2017-01-22 06:55 - 2017-01-23 10:26 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2017-01-17 01:32 - 2017-01-17 01:32 - 05253240 _____ (Logitech Inc.) C:\Users\*****\Downloads\G900Update_1.3.21.exe
2017-01-17 01:30 - 2017-01-17 01:30 - 05020280 _____ (Logitech Inc.) C:\Users\*****\Downloads\G910R2Update_106.1.2.exe
2017-01-15 11:44 - 2017-01-05 17:10 - 00158264 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2017-01-15 11:44 - 2017-01-05 17:10 - 00126008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-01-15 11:44 - 2017-01-05 17:10 - 00059448 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys
2017-01-15 11:44 - 2017-01-05 17:10 - 00047672 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2017-01-13 07:39 - 2017-01-13 07:39 - 00000000 ____D C:\Users\*****\Desktop\Onlineshop
2017-01-12 02:36 - 2017-01-12 02:36 - 00001520 _____ C:\Users\*****\Documents\cc_20170112_113627.reg
2017-01-11 02:02 - 2017-01-05 10:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2017-01-11 02:02 - 2017-01-05 10:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2017-01-11 02:02 - 2017-01-05 10:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\System32\bcrypt.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2017-01-11 02:02 - 2017-01-05 10:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 02:02 - 2017-01-05 09:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 02:02 - 2017-01-05 09:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 02:02 - 2017-01-05 09:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2017-01-11 02:02 - 2017-01-05 09:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-01-11 02:02 - 2017-01-05 09:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-01-11 02:02 - 2017-01-05 09:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2017-01-11 02:02 - 2017-01-05 09:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2017-01-11 02:02 - 2017-01-05 09:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 02:02 - 2017-01-05 09:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-10 10:21 - 2017-01-10 10:21 - 08803648 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup525.exe
2017-01-07 07:13 - 2017-01-07 07:13 - 00005176 _____ C:\Users\*****\Documents\cc_20170107_161350.reg
2017-01-02 12:26 - 2017-01-02 12:27 - 02807777 _____ C:\Users\*****\Downloads\INF(v10.1.1.9).zip
2017-01-01 05:02 - 2017-01-01 05:02 - 00000000 ____D C:\Users\*****\Documents\vorpX
2017-01-01 05:02 - 2017-01-01 05:02 - 00000000 ____D C:\ProgramData\Animation Labs
2017-01-01 04:20 - 2017-01-01 04:20 - 00000000 ____D C:\Users\*****\AppData\Local\ADR1FT
2016-12-28 13:56 - 2016-12-28 13:57 - 00000000 ____D C:\Users\*****\Documents\Need For Speed
2016-12-27 06:40 - 2016-12-27 06:40 - 00000000 ____D C:\Users\*****\AppData\Local\Unravel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-24 00:11 - 2016-09-14 10:54 - 00589824 _____ C:\Windows\System32\Ikeext.etl
2017-01-24 00:11 - 2014-12-22 15:07 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-23 23:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\tracing
2017-01-23 19:47 - 2009-07-13 20:45 - 00025872 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-23 19:47 - 2009-07-13 20:45 - 00025872 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-23 12:59 - 2014-12-23 10:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\TS3Client
2017-01-23 12:56 - 2014-12-23 02:21 - 00000000 ____D C:\Users\*****\AppData\Roaming\Origin
2017-01-23 12:56 - 2014-12-23 02:21 - 00000000 ____D C:\ProgramData\Origin
2017-01-23 11:28 - 2015-01-07 02:52 - 00000000 ____D C:\Users\*****\AppData\Local\ElevatedDiagnostics
2017-01-23 10:26 - 2015-08-11 10:27 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-01-23 10:26 - 2015-08-11 10:27 - 00075064 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2017-01-23 10:23 - 2014-12-23 02:22 - 00000000 ____D C:\Users\*****\AppData\Local\Ubisoft Game Launcher
2017-01-23 09:36 - 2014-12-22 21:18 - 00713790 _____ C:\Windows\System32\perfh007.dat
2017-01-23 09:36 - 2014-12-22 21:18 - 00153906 _____ C:\Windows\System32\perfc007.dat
2017-01-23 09:36 - 2009-07-13 21:13 - 01647984 _____ C:\Windows\System32\PerfStringBackup.INI
2017-01-23 09:36 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2017-01-23 09:33 - 2016-12-15 02:26 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2016-09-21 10:04 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2016-09-09 03:05 - 00003742 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2016-09-09 03:05 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2016-09-09 03:05 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2016-09-09 03:05 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2016-09-09 03:05 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-23 09:33 - 2014-12-22 13:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-23 09:33 - 2014-12-22 13:28 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-23 09:33 - 2014-12-22 13:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-23 09:33 - 2014-12-22 13:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-23 07:23 - 2015-12-23 05:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2017-01-23 07:23 - 2015-07-18 12:03 - 00000000 ____D C:\Users\*****\AppData\Local\Oculus
2017-01-23 07:21 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-23 06:52 - 2016-12-15 02:26 - 00005481 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-23 06:09 - 2016-12-15 02:05 - 00000000 ____D C:\ProgramData\Macrium
2017-01-23 05:56 - 2014-12-22 15:06 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2017-01-23 05:12 - 2014-12-22 12:23 - 00000000 ____D C:\users\*****
2017-01-23 05:09 - 2016-09-03 00:42 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-01-23 05:09 - 2016-04-13 10:43 - 00000000 ____D C:\Users\*****\AppData\Roaming\Audacity
2017-01-23 05:09 - 2016-03-29 09:31 - 00000000 ____D C:\users\OVRLibraryService
2017-01-23 05:09 - 2015-08-06 13:35 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-01-23 05:09 - 2015-04-01 22:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2017-01-23 05:09 - 2015-01-05 13:19 - 00000000 ____D C:\ProgramData\HP
2017-01-23 05:09 - 2014-12-31 17:33 - 00000000 ____D C:\Users\*****\AppData\Roaming\DVDVideoSoft
2017-01-23 05:09 - 2014-12-27 05:10 - 00000000 ____D C:\Program Files\CCleaner
2017-01-23 05:09 - 2014-12-23 14:25 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2017-01-23 05:09 - 2014-12-23 02:22 - 00000000 ____D C:\Users\*****\Documents\My Games
2017-01-23 05:09 - 2014-12-22 15:07 - 00000000 ____D C:\ProgramData\LogiShrd
2017-01-23 05:09 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2017-01-23 04:44 - 2014-12-23 03:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\Nitro PDF
2017-01-20 01:14 - 2015-04-19 22:42 - 00007600 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2017-01-17 07:11 - 2015-01-05 13:33 - 00000000 ____D C:\Users\*****\Documents\Eigene Scans
2017-01-17 03:23 - 2014-12-22 15:07 - 00000000 ____D C:\Users\*****\AppData\Local\Logitech
2017-01-17 03:23 - 2014-12-22 15:06 - 00000000 ____D C:\Users\*****\AppData\Roaming\Logitech
2017-01-17 03:23 - 2014-12-22 15:06 - 00000000 ____D C:\Users\*****\AppData\Roaming\Logishrd
2017-01-16 11:40 - 2016-03-29 09:33 - 00000000 ____D C:\Users\*****\AppData\Roaming\Oculus
2017-01-16 07:43 - 2016-03-22 08:07 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2017-01-13 10:38 - 2014-12-23 02:21 - 00000000 ____D C:\Program Files (x86)\Origin
2017-01-13 03:19 - 2016-07-03 23:48 - 00000000 ____D C:\Users\*****\Documents\FreeReign
2017-01-11 13:37 - 2014-12-22 13:02 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-11 13:30 - 2015-11-25 01:37 - 00000000 ____D C:\Program Files\Controller Companion
2017-01-11 05:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2017-01-11 02:04 - 2014-12-22 14:20 - 00000000 ____D C:\Windows\System32\MRT
2017-01-11 02:02 - 2014-12-22 14:20 - 135657872 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2017-01-11 01:02 - 2013-05-20 06:14 - 00000000 ___RD C:\Users\*****\Desktop\European Services Managment KFT
2017-01-05 17:10 - 2016-09-09 03:05 - 01855544 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2017-01-05 17:10 - 2016-09-09 03:05 - 01756728 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2017-01-05 17:10 - 2016-09-09 03:05 - 01454136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-01-05 17:10 - 2016-09-09 03:05 - 01318968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-01-05 17:10 - 2016-09-09 03:05 - 00121912 _____ C:\Windows\System32\NvRtmpStreamer64.dll
2017-01-05 16:09 - 2016-12-15 02:26 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-01-05 15:42 - 2016-09-09 03:05 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-01-04 01:27 - 2016-11-23 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-01-04 01:27 - 2014-12-22 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-01 09:34 - 2013-06-01 00:55 - 00000000 ____D C:\Users\*****\Desktop\Raiffeisenbank Kontoauszüge + 1&1 + KFZ Haftpflicht
2017-01-01 05:17 - 2015-01-17 08:38 - 00000000 ____D C:\Users\*****\AppData\Local\Arma 3 Launcher
2017-01-01 05:12 - 2014-12-23 09:57 - 00000000 ____D C:\Users\*****\AppData\Local\Arma 3
2017-01-01 05:09 - 2015-04-08 13:47 - 00000000 ____D C:\Program Files\Rockstar Games
2017-01-01 05:09 - 2015-04-08 13:47 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-01-01 05:02 - 2015-10-28 00:04 - 00000000 ____D C:\Users\*****\AppData\Local\Animation Labs
2017-01-01 04:48 - 2015-05-07 07:07 - 00000000 ____D C:\Users\*****\Documents\Project CARS
2016-12-28 11:17 - 2016-11-26 16:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\obs-studio

Some files in TEMP:
====================
2016-09-09 03:05 - 2017-01-05 17:10 - 0255032 _____ (NVIDIA Corporation) C:\Users\*****\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-09-09 03:05 - 2017-01-05 17:10 - 0335928 _____ (NVIDIA Corporation) C:\Users\*****\AppData\Local\Temp\NvTelemetryAPI64.dll

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2016-09-20 22:38] - [2016-08-29 07:04] - 3229696 ____A (Microsoft Corporation) 38AE1B3C38FAEF56FE4907922F0385BA

C:\Windows\SysWOW64\explorer.exe
[2016-09-20 22:38] - [2016-08-29 06:55] - 2972672 ____A (Microsoft Corporation) 6DDCA324434FFA506CF7DC4E51DB7935

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2016-12-14 02:34] - [2016-11-10 08:32] - 1009152 ____A (Microsoft Corporation) 34BA256FBF83457F9D5E51A56DB54542

C:\Windows\SysWOW64\User32.dll
[2016-12-14 02:34] - [2016-11-10 08:19] - 0833024 ____A (Microsoft Corporation) 3CB074875AC88A7C1010A2A7F9881A8C

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points =========================


==================== Memory info =========================== 

Percentage of memory in use: 8%
Total physical RAM: 16335.05 MB
Available physical RAM: 14929.72 MB
Total Virtual: 16333.25 MB
Available Virtual: 15026.2 MB

==================== Drives ================================

Drive c: (Sandisk) (Fixed) (Total:223.57 GB) (Free:52.04 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:432.53 GB) NTFS
Drive e: (OS) (Fixed) (Total:3725.89 GB) (Free:1865.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Removable) (Total:1.87 GB) (Free:1.87 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 16281627)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D668FC77)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 56F496E0)

Partition: GPT.

========================================================
Disk: 3 (Size: 1.9 GB) (Disk ID: 6E652072)
No partition Table on disk 3.

LastRegBack: 2017-01-23 11:20

==================== End of FRST.txt ============================
--- --- ---
Geändert von NJ90 (24.01.2017 um 13:06 Uhr)

 

Themen zu FRST Scan nach Windows 7 Reboot-Dauerschleife
andere, anderen, arten, benutzer, benutzername, benutzernamen, bootet, bootet nicht, ccsetup, durchgeführt, ersetzt, festplatte, folge, grund, guten, launch, log-file, nvcontainer.exe, platte, scan, software, starte, starten, system, tiere, windows, windows 7, zugreifen


« USB Treiber ausversehen gelöscht,nix geht mehr | IPv4 und Ipv6 kein Internezugriff (Win 10) »


Ähnliche Themen: FRST Scan nach Windows 7 Reboot-Dauerschleife


  1. Ist es weg? FRST-Scan bei BrowseFox-FAD-Fehler
    Log-Analyse und Auswertung - 30.04.2016 (2)
  2. Windows Vista: 17 infizierte Dateien nach Eset Scan + schwarzer Desktop nach GMER-Scan
    Log-Analyse und Auswertung - 18.10.2015 (23)
  3. Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt.
    Plagegeister aller Art und deren Bekämpfung - 21.08.2015 (16)
  4. FRST Scan und nun?
    Diskussionsforum - 31.07.2015 (3)
  5. Nach Virenfund FRST Scan
    Log-Analyse und Auswertung - 11.06.2014 (3)
  6. Windows 7: Interpol-Trojaner, FRST-Scan angefügt
    Log-Analyse und Auswertung - 02.04.2014 (10)
  7. FRST Scan bei Bka Virus
    Plagegeister aller Art und deren Bekämpfung - 09.12.2013 (14)
  8. WIN 7 / Sperrbildschirm(interpol trojaner) / FRST-Scan
    Log-Analyse und Auswertung - 10.10.2013 (14)
  9. GUV Trojaner mit Sperrbildschirm --> Schritte nach FRST Scan
    Log-Analyse und Auswertung - 01.10.2013 (9)
  10. Windows XP - Nach System-Start weißer Screen - FRST Logfile
    Log-Analyse und Auswertung - 13.08.2013 (13)
  11. GVU Trojaner auf Asus EEE PC Windows 7 Starter - FRST Scan
    Log-Analyse und Auswertung - 06.08.2013 (13)
  12. Weißer Bildschirm nach Neustart, scan via FRST.exe --> FRST.txt
    Log-Analyse und Auswertung - 06.08.2013 (5)
  13. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2013 Ran by Verena (administrator) on 24-07-2013 20:57:45 Running f
    Mülltonne - 24.07.2013 (1)
  14. GVU-Trojaner Scan-Ergebnis mit Frst.exe
    Log-Analyse und Auswertung - 18.05.2013 (5)
  15. Nach Acer eRecovery startet Windows 7 nicht ständiger reboot
    Alles rund um Windows - 27.11.2010 (1)
  16. unangemeldeter PC Reboot nach Kaspersky AV 2010 Scan
    Alles rund um Windows - 06.01.2010 (36)
  17. Nach Windows Logo kurzer Bluescreen und dan Reboot
    Alles rund um Windows - 04.05.2007 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema FRST Scan nach Windows 7 Reboot-Dauerschleife - Guten Tag, ich habe hier ein Log-File von FRST. Genutzt habe ich FRST aus folgendem Grund: Mein Windows 7 64 bit System bootet nicht mehr. ES kommt zu einer Windows - FRST Scan nach Windows 7 Reboot-Dauerschleife...
Archiv
Du betrachtest: FRST Scan nach Windows 7 Reboot-Dauerschleife auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131