OK, everything worked, thanks in advance :-) Here are the "results":
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by SYSTEM on 15-07-2013 16:46:05
Running from H:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [lxeamon.exe] - "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] - "C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe" [148280 2011-01-23] ()
HKLM-x32\...\Winlogon: [Shell] C:\PROGRA~3\w74z6.bat [x ] () <=== ATTENTION
HKLM-x32\...\Run: [NUSB3MON] - "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [CTSyncService] - C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey [1233195 2009-07-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [VolPanel] - "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [1904640 2009-03-20] (AVM Berlin)
HKLM-x32\...\Run: [G Data AntiVirus Tray Application] - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [963144 2010-03-31] (G Data Software AG)
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1499720 2010-03-31] (G Data Software AG)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKLM-x32\...\Run: [iTunesHelper] - "D:\Program Files (x86)\iTunes\iTunesHelper.exe" [x]
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKU\Schuler\...\Run: [ASRockOCTuner] - [x]
HKU\Schuler\...\Run: [ASRockIES] - [x]
HKU\Schuler\...\Run: [zASRockInstantBoot] - [x]
HKU\Schuler\...\Run: [SDP] - C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto [201808 2013-01-31] (Somoto)
HKU\Schuler\...\Winlogon: [Shell] explorer.exe,C:\Users\Schuler\AppData\Roaming\cache.dat [59392 2011-11-17] () <==== ATTENTION
Startup: C:\Users\Schuler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Services (Whitelisted) =================
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136544 2010-03-12] ()
S2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1146440 2010-04-07] (G Data Software AG)
S2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [410696 2010-03-31] (G Data Software AG)
S2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [1778336 2010-03-15] (G Data Software AG)
S2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin)
S2 DeviceMonitorService; C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe [87336 2009-10-12] (Nero AG)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-05-30] (Freemake)
S3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [1666096 2010-03-22] (G Data Software AG)
S3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [330824 2010-03-16] (G Data Software AG)
S4 IBUpdaterService; C:\Windows\system32\dmwu.exe [1277744 2013-05-16] ()
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
S4 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
S4 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2011-03-13] (McAfee, Inc.)
==================== Drivers (Whitelisted) ====================
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [40392 2011-06-05] (G Data Software AG)
S1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [84936 2011-06-05] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [57288 2011-06-05] (G DATA Software AG)
S1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [48584 2011-06-05] (G DATA Software AG)
S1 GRD; C:\Windows\system32\drivers\GRD.sys [106224 2011-06-05] (G Data Software)
S1 GRD; C:\Windows\system32\drivers\GRD.sys [106224 2011-06-05] (G Data Software)
S3 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [49096 2011-06-05] (G Data Software AG)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [156792 2011-03-13] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [639216 2011-03-13] (McAfee, Inc.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-15 16:45 - 2013-07-15 16:45 - 00000000 ____D C:\FRST
2013-07-13 18:26 - 2013-07-13 19:12 - 00000004 _____ C:\Users\Schuler\AppData\Roaming\cache.ini
2013-07-13 10:51 - 2013-07-13 10:51 - 00000000 ____D C:\Users\Schuler\Desktop\Alte Firefox-Daten-1
2013-07-13 10:50 - 2013-07-13 19:11 - 00000616 _____ C:\Windows\setupact.log
2013-07-13 10:50 - 2013-07-13 10:50 - 00000000 _____ C:\Windows\setuperr.log
2013-07-11 17:08 - 2013-07-11 17:08 - 00000000 ____D C:\Users\Schuler\Desktop\Alte Firefox-Daten
2013-07-10 14:46 - 2013-06-12 00:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 14:46 - 2013-06-12 00:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 14:46 - 2013-06-12 00:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 14:46 - 2013-06-12 00:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 14:46 - 2013-06-12 00:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 14:46 - 2013-06-12 00:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 14:46 - 2013-06-12 00:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 14:46 - 2013-06-12 00:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 14:46 - 2013-06-12 00:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 14:46 - 2013-06-12 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 14:46 - 2013-06-12 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 14:46 - 2013-06-12 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 14:46 - 2013-06-12 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 14:46 - 2013-06-12 00:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-10 14:46 - 2013-06-12 00:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-10 14:46 - 2013-06-12 00:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-10 14:46 - 2013-06-12 00:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-10 14:46 - 2013-06-12 00:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-10 14:46 - 2013-06-11 23:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 14:46 - 2013-06-11 23:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-10 14:46 - 2013-06-07 04:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-10 14:46 - 2013-06-07 03:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 14:39 - 2013-06-05 04:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-10 14:39 - 2013-06-04 07:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-10 14:39 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 14:39 - 2013-05-06 07:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-10 14:39 - 2013-05-06 05:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 14:39 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 14:39 - 2013-04-02 23:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-06 19:42 - 2013-07-06 19:42 - 00012751 _____ C:\Users\Schuler\Documents\~WRD0000.tmp
2013-07-06 09:15 - 2013-07-06 09:16 - 00000000 ____D C:\Users\Schuler\Documents\Fax
2013-07-03 20:53 - 2013-07-03 20:53 - 00940427 _____ C:\Users\Schuler\Desktop\1.odt
2013-07-03 20:28 - 2013-07-03 20:34 - 02039247 _____ C:\Users\Schuler\Desktop\Technik GFS.pptx
2013-07-03 20:01 - 2013-07-03 20:02 - 02108928 _____ C:\Users\Schuler\Desktop\Präsentation.pot
2013-07-03 17:55 - 2013-07-03 20:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-29 13:37 - 2013-06-29 13:37 - 00002119 _____ C:\Users\Schuler\AppData\Local\recently-used.xbel
2013-06-28 23:23 - 2013-06-29 13:37 - 00000000 ____D C:\Users\Schuler\AppData\Local\gtk-2.0
2013-06-28 23:08 - 2013-06-28 23:11 - 90116160 _____ (The GIMP Team ) C:\Users\Schuler\Downloads\gimp-2.8.6-setup.exe
2013-06-28 16:23 - 2013-06-28 16:23 - 00004355 _____ C:\Users\Schuler\Downloads\youtube_unblocker-0.4.4-fx.zip
2013-06-25 17:24 - 2013-07-13 18:24 - 00068174 _____ C:\ProgramData\lxea.log
2013-06-24 19:40 - 2013-06-25 17:08 - 95023320 ____T C:\ProgramData\w74z6.pad
2013-06-24 19:40 - 2013-06-25 17:08 - 00000000 _____ C:\ProgramData\g252qs.txt
2013-06-24 19:40 - 2013-06-24 21:32 - 00044544 _____ (Microsoft Corporation) C:\ProgramData\sdaksda.txt
2013-06-24 19:40 - 2013-06-24 19:40 - 00044544 _____ (Microsoft Corporation) C:\ProgramData\rundll32.exe
2013-06-24 19:40 - 2013-06-24 19:40 - 00002653 _____ C:\ProgramData\w74z6.js
2013-06-24 19:40 - 2013-06-24 19:40 - 00000151 _____ C:\ProgramData\w74z6.reg
2013-06-24 19:40 - 2013-06-24 19:40 - 00000056 _____ C:\ProgramData\w74z6.bat
2013-06-24 18:59 - 2013-06-24 19:03 - 00000000 ____D C:\Users\Schuler\AppData\Roaming\dvdcss
2013-06-23 13:33 - 2013-07-10 17:51 - 00000000 ____D C:\Program Files\Windows Defender
2013-06-21 15:14 - 2013-06-21 15:14 - 00003352 ____N C:\bootsqm.dat
==================== One Month Modified Files and Folders =======
2013-07-15 16:45 - 2013-07-15 16:45 - 00000000 ____D C:\FRST
2013-07-13 19:12 - 2013-07-13 18:26 - 00000004 _____ C:\Users\Schuler\AppData\Roaming\cache.ini
2013-07-13 19:12 - 2013-01-04 15:49 - 00400051 _____ C:\ProgramData\lxeascan.log
2013-07-13 19:12 - 2011-08-19 13:39 - 00000000 ____D C:\Program Files (x86)\Motorola Media Link
2013-07-13 19:12 - 2011-07-21 14:15 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-13 19:11 - 2013-07-13 10:50 - 00000616 _____ C:\Windows\setupact.log
2013-07-13 19:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-13 19:02 - 2012-06-10 15:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-13 19:02 - 2010-11-21 23:30 - 01946829 _____ C:\Windows\WindowsUpdate.log
2013-07-13 19:02 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-13 19:02 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-13 18:59 - 2012-06-17 17:00 - 00000000 ____D C:\Users\Schuler\AppData\Local\CrashDumps
2013-07-13 18:24 - 2013-06-25 17:24 - 00068174 _____ C:\ProgramData\lxea.log
2013-07-13 18:22 - 2011-07-21 14:15 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-13 13:28 - 2011-06-09 17:16 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8AD056EC-7150-425D-8F42-19545E6219A1}
2013-07-13 11:24 - 2011-07-21 14:16 - 00002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 10:51 - 2013-07-13 10:51 - 00000000 ____D C:\Users\Schuler\Desktop\Alte Firefox-Daten-1
2013-07-13 10:50 - 2013-07-13 10:50 - 00000000 _____ C:\Windows\setuperr.log
2013-07-12 22:37 - 2011-09-19 12:53 - 00000000 ____D C:\Windows\Minidump
2013-07-12 22:17 - 2011-07-21 14:15 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 22:17 - 2011-07-21 14:15 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 17:08 - 2013-07-11 17:08 - 00000000 ____D C:\Users\Schuler\Desktop\Alte Firefox-Daten
2013-07-11 16:30 - 2010-12-13 22:52 - 00000116 _____ C:\Windows\NeroDigital.ini
2013-07-10 19:45 - 2009-07-14 18:58 - 00657438 _____ C:\Windows\System32\perfh007.dat
2013-07-10 19:45 - 2009-07-14 18:58 - 00130810 _____ C:\Windows\System32\perfc007.dat
2013-07-10 19:45 - 2009-07-14 06:13 - 01507106 _____ C:\Windows\System32\PerfStringBackup.INI
2013-07-10 17:53 - 2009-07-14 05:45 - 00517792 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-10 17:51 - 2013-06-23 13:33 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 17:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 16:31 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 14:53 - 2010-11-21 17:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 14:47 - 2011-06-08 20:55 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-06 19:42 - 2013-07-06 19:42 - 00012751 _____ C:\Users\Schuler\Documents\~WRD0000.tmp
2013-07-06 09:16 - 2013-07-06 09:15 - 00000000 ____D C:\Users\Schuler\Documents\Fax
2013-07-06 09:15 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-07-03 20:53 - 2013-07-03 20:53 - 00940427 _____ C:\Users\Schuler\Desktop\1.odt
2013-07-03 20:36 - 2013-07-03 17:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 20:34 - 2013-07-03 20:28 - 02039247 _____ C:\Users\Schuler\Desktop\Technik GFS.pptx
2013-07-03 20:02 - 2013-07-03 20:01 - 02108928 _____ C:\Users\Schuler\Desktop\Präsentation.pot
2013-07-03 14:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-29 18:02 - 2013-05-09 21:00 - 00000000 ____D C:\Users\Schuler\Desktop\KLeinies
2013-06-29 13:39 - 2012-07-07 11:08 - 00005120 ____H C:\Users\Schuler\Desktop\photothumb.db
2013-06-29 13:38 - 2012-07-22 13:06 - 00000000 ____D C:\Users\Schuler\.gimp-2.8
2013-06-29 13:37 - 2013-06-29 13:37 - 00002119 _____ C:\Users\Schuler\AppData\Local\recently-used.xbel
2013-06-29 13:37 - 2013-06-28 23:23 - 00000000 ____D C:\Users\Schuler\AppData\Local\gtk-2.0
2013-06-28 23:11 - 2013-06-28 23:08 - 90116160 _____ (The GIMP Team ) C:\Users\Schuler\Downloads\gimp-2.8.6-setup.exe
2013-06-28 16:23 - 2013-06-28 16:23 - 00004355 _____ C:\Users\Schuler\Downloads\youtube_unblocker-0.4.4-fx.zip
2013-06-25 17:47 - 2012-02-29 20:30 - 00000000 ____D C:\Windows\pss
2013-06-25 17:32 - 2012-12-23 16:47 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-06-25 17:08 - 2013-06-24 19:40 - 95023320 ____T C:\ProgramData\w74z6.pad
2013-06-25 17:08 - 2013-06-24 19:40 - 00000000 _____ C:\ProgramData\g252qs.txt
2013-06-24 21:32 - 2013-06-24 19:40 - 00044544 _____ (Microsoft Corporation) C:\ProgramData\sdaksda.txt
2013-06-24 19:40 - 2013-06-24 19:40 - 00044544 _____ (Microsoft Corporation) C:\ProgramData\rundll32.exe
2013-06-24 19:40 - 2013-06-24 19:40 - 00002653 _____ C:\ProgramData\w74z6.js
2013-06-24 19:40 - 2013-06-24 19:40 - 00000151 _____ C:\ProgramData\w74z6.reg
2013-06-24 19:40 - 2013-06-24 19:40 - 00000056 _____ C:\ProgramData\w74z6.bat
2013-06-24 19:03 - 2013-06-24 18:59 - 00000000 ____D C:\Users\Schuler\AppData\Roaming\dvdcss
2013-06-24 19:03 - 2012-02-26 18:59 - 00000000 ____D C:\Users\Schuler\AppData\Roaming\vlc
2013-06-21 15:25 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-21 15:14 - 2013-06-21 15:14 - 00003352 ____N C:\bootsqm.dat
Files to move or delete:
====================
C:\ProgramData\rundll32.exe
C:\ProgramData\w74z6.bat
C:\ProgramData\w74z6.pad
C:\ProgramData\w74z6.reg
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 15%
Total physical RAM: 4095.24 MB
Available physical RAM: 3456.82 MB
Total Pagefile: 4093.39 MB
Available Pagefile: 3452.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Betriebsystem(keine Programme)) (Fixed) (Total:48.73 GB) (Free:4.37 GB) NTFS (Disk=0 Partition=2)
Drive e: (Programme) (Fixed) (Total:146.48 GB) (Free:3.61 GB) NTFS (Disk=0 Partition=3)
Drive f: (Datenmüll) (Fixed) (Total:270.45 GB) (Free:87.82 GB) NTFS (Disk=0 Partition=4)
Drive h: () (Removable) (Total:3.76 GB) (Free:1.45 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A7D881C5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=270 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 009A67A6)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)
LastRegBack: 2013-06-04 23:17
==================== End Of Log ============================