Hello,
unfortunately, I have also become a victim of the white screen. I have already run FRST.exe, and the output of the TXT file is shown below. Can someone help me get everything working again? Thanks!
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013
Ran by SYSTEM on 05-05-2013 16:37:14
Running from F:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [411864 2010-03-05] (DeviceVM, Inc.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1534504 2013-01-14] (McAfee, Inc.)
HKLM-x32\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [23040 2009-02-23] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [23552 2009-02-23] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] [x]
HKLM-x32\...\Run: [RemoteControl11] "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [234792 2011-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKU\OEM\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\OEM\...\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\OEM\...\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1516632 2012-06-26] (Nokia)
HKU\OEM\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_Plugin.exe -update plugin [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\PatchMix DSP Application.lnk
ShortcutTarget: PatchMix DSP Application.lnk -> C:\Program Files (x86)\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPMixDSP.exe (E-MU Systems)
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services (Whitelisted) =================
S2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] ()
S2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
S2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
==================== Drivers (Whitelisted) ====================
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
S2 ntk_PowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [75248 2011-04-20] (Cyberlink Corp.)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [127488 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [18944 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [161280 2010-04-27] (MCCI Corporation)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
S3 TTMIDICHIP; C:\Windows\System32\drivers\ttatmidi.sys [43072 2010-08-25] (Ploytec GmbH)
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink Corp.)
S3 mfeavfk01; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-05-05 16:37 - 2013-05-05 16:37 - 00000000 ____D C:\FRST
2013-05-05 13:16 - 2013-05-05 13:16 - 00000000 ___AD C:\.Trash-1000
2013-05-05 12:38 - 2013-05-05 12:38 - 00000046 ____A C:\Program Files\Result.txt
2013-05-05 12:37 - 2013-05-05 12:38 - 00001314 ____A C:\Program Files\Addition.txt
==================== One Month Modified Files and Folders =======
2013-05-05 16:37 - 2013-05-05 16:37 - 00000000 ____D C:\FRST
2013-05-05 16:31 - 2011-05-05 12:00 - 00000000 ____D C:\users\OEM
2013-05-05 16:31 - 2010-11-21 08:01 - 00000000 ____D C:\Program Files\Windows Journal
2013-05-05 16:31 - 2010-11-21 08:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-05-05 16:31 - 2010-11-21 08:00 - 00000000 ____D C:\Windows\ShellNew
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Offline Web Pages
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-05-05 16:31 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\TAPI
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\L2Schemas
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2013-05-05 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-05-05 16:30 - 2013-01-25 23:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-05 16:30 - 2012-12-31 19:13 - 00000000 ____D C:\Users\OEM\Local Settings\Application Data\Mixxx
2013-05-05 16:30 - 2012-12-17 23:44 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-05 16:30 - 2012-08-13 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-05 16:30 - 2012-07-26 22:55 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2013-05-05 16:30 - 2011-12-23 19:55 - 00000000 ____D C:\Windows\Minidump
2013-05-05 16:30 - 2011-12-22 09:00 - 00000000 ____D C:\Program Files\Bonjour
2013-05-05 16:30 - 2011-12-22 09:00 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-05-05 16:30 - 2011-12-22 09:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-05-05 16:30 - 2011-05-17 23:01 - 00000000 ____D C:\Program Files (x86)\PDF24
2013-05-05 16:30 - 2011-05-13 23:53 - 00000000 ____D C:\Users\OEM\Documents\MAGIX_Samplitude_11_Silver
2013-05-05 16:30 - 2011-05-13 17:35 - 00000000 ____D C:\Windows\usb-audio.deTTATMIDI
2013-05-05 16:30 - 2011-05-06 16:18 - 00000000 ____D C:\Program Files (x86)\Opera
2013-05-05 16:30 - 2011-05-06 16:14 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2013-05-05 16:30 - 2011-05-05 12:09 - 00000000 ____D C:\ProgramData\DeviceVm
2013-05-05 16:30 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\restore
2013-05-05 16:30 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Performance
2013-05-05 16:30 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\spp
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\Speech
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\schemas
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PLA
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Globalization
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Branding
2013-05-05 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-05 16:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-05-05 13:16 - 2013-05-05 13:16 - 00000000 ___AD C:\.Trash-1000
2013-05-05 12:38 - 2013-05-05 12:38 - 00000046 ____A C:\Program Files\Result.txt
2013-05-05 12:38 - 2013-05-05 12:37 - 00001314 ____A C:\Program Files\Addition.txt
Other Malware:
===========
C:\Users\OEM\AppData\Roaming\skype.dat
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-01-25 19:31:13
Restore point made on: 2013-02-01 18:00:27
Restore point made on: 2013-02-07 20:07:39
Restore point made on: 2013-02-14 23:08:44
Restore point made on: 2013-03-02 20:14:17
Restore point made on: 2013-03-03 21:28:34
Restore point made on: 2013-03-15 21:21:17
Restore point made on: 2013-03-16 03:00:24
==================== Memory info ===========================
Percentage of memory in use: 9%
Total physical RAM: 8103.41 MB
Available physical RAM: 7307.4 MB
Total Pagefile: 8101.61 MB
Available Pagefile: 7362.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1584.23 GB) (Free:1534.17 GB) NTFS (Disk=0 Partition=2)
Drive e: (GRMCPRXFREO_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF
Drive f: (USBSTICK4GB) (Removable) (Total:3.94 GB) (Free:3.94 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
Datenträger ### Status Größe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datenträger 0 Online 1863 GB 1024 KB
Datenträger 1 Online 4041 MB 0 B
Partitions of Disk 0:
===============
Datenträger-ID: F59F4BEB
Partition ### Typ Größe Offset
------------- ---------------- ------- -------
Partition 1 Primär 100 MB 1024 KB
Partition 2 Primär 1584 GB 101 MB
Partition 0 Erweitert 278 GB 1584 GB
Partition 3 Logisch 270 GB 1584 GB
Partition 4 Logisch 8102 MB 1855 GB
==================================================================================
Disk: 0
Partition 1
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System-rese NTFS Partition 100 MB Fehlerfre
=========================================================
Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 1584 GB Fehlerfre
=========================================================
Disk: 0
Partition 3
Typ : 83
Versteckt: Ja
Aktiv : Nein
Dieser Partition ist kein Volume zugewiesen.
=========================================================
Disk: 0
Partition 4
Typ : 82
Versteckt: Ja
Aktiv : Nein
Dieser Partition ist kein Volume zugewiesen.
=========================================================
Partitions of Disk 1:
===============
Datenträger-ID: 00000000
Partition ### Typ Größe Offset
------------- ---------------- ------- -------
Partition 1 Primär 4040 MB 616 KB
==================================================================================
Disk: 1
Partition 1
Typ : 0B
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F USBSTICK4GB FAT32 Wechselmed 4040 MB Fehlerfre
=========================================================
============================== MBR & Partition Table ==================
====================================================================
Disk: 0 (Size: 1863 GB) (Disk ID: F59F4BEB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-497966406144) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=279 GB) - (Type=05)
====================================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
Last Boot: 2013-03-15 21:13
==================== End Of Log ============================