Problem mit Win7 nach der Anmeldung weißer Bildschirm - frst.exe bereits ausgeführt siehe logfile

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2013 02 (ATTENTION: FRST version is 148 days old)
Ran by SYSTEM on 29-10-2013 23:35:45
Running from H:\
Windows 7 Home Premium (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [13797992 2009-08-31] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [7711264 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1164584 2010-08-20] ()
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.)
HKU\Ina\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [ 2010-04-16] (Microsoft Corporation)
HKU\Ina\...\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h [x]
HKU\Ina\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [ 2013-01-08] (Skype Technologies S.A.)
HKU\Ina\...\Winlogon: [Shell] C:\Users\Ina\AppData\Roaming\mcafee.ini,explorer.exe <==== ATTENTION 
Startup: C:\ProgramData\Start Menu\Programs\Startup\Action Manager 32.lnk
ShortcutTarget: Action Manager 32.lnk -> C:\Program Files\Plustek\OpticSlim 2400+\AM32.exe ()
Startup: C:\Users\Ina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) =================

S3 MSSQL$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()

==================== Drivers (Whitelisted) ====================

S3 PCAMp50; C:\Windows\System32\Drivers\PCAMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [629760 2010-08-10] (Realtek Semiconductor Corporation                           )
S1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-27] (SAMSUNG ELECTRONICS)
S3 GT72NDISIPXP; system32\DRIVERS\Gt51Ip.sys [x]
S3 GT72UBUS; system32\DRIVERS\gt72ubus.sys [x]
S3 GTPTSER; system32\DRIVERS\gtptser.sys [x]
S3 orange_zte_cdc_acm; system32\DRIVERS\orange_zte_cdc_acm.sys [x]
S3 orange_zte_cpo; system32\DRIVERS\orange_zte_cpo.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-29 23:03 - 2013-10-29 23:03 - 00000000 ____D C:\FRST
2013-10-29 13:33 - 2013-10-29 13:36 - 00000000 ____D C:\Windows\System32\MRT

==================== One Month Modified Files and Folders ========

2013-10-29 23:03 - 2013-10-29 23:03 - 00000000 ____D C:\FRST
2013-10-29 14:33 - 2009-09-21 21:23 - 01639552 ____A C:\Windows\WindowsUpdate.log
2013-10-29 14:22 - 2009-07-13 20:34 - 00014736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 14:22 - 2009-07-13 20:34 - 00014736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 14:22 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-29 14:20 - 2009-07-26 12:06 - 01646182 ____A C:\Windows\System32\PerfStringBackup.INI
2013-10-29 14:16 - 2010-01-17 07:16 - 00000000 ____D C:\Users\Ina\AppData\Roaming\Skype
2013-10-29 14:15 - 2010-01-17 06:32 - 00000000 ____D C:\Users\Ina\Tracing
2013-10-29 14:15 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-10-29 14:15 - 2009-07-13 20:39 - 00202581 ____A C:\Windows\setupact.log
2013-10-29 13:37 - 2009-12-08 11:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-29 13:36 - 2013-10-29 13:33 - 00000000 ____D C:\Windows\System32\MRT
2013-10-29 13:32 - 2009-12-08 11:02 - 00000000 ____D C:\ProgramData\Microsoft Help

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-03-26 16:56:46
Restore point made on: 2013-03-26 17:06:48
Restore point made on: 2013-03-29 03:12:20
Restore point made on: 2013-03-29 03:46:41
Restore point made on: 2013-04-02 14:31:10
Restore point made on: 2013-04-11 04:58:59
Restore point made on: 2013-04-11 04:59:34
Restore point made on: 2013-04-11 05:02:35
Restore point made on: 2013-04-11 05:19:24
Restore point made on: 2013-04-11 06:07:21
Restore point made on: 2013-10-29 13:17:58
Restore point made on: 2013-10-29 13:19:48
Restore point made on: 2013-10-29 14:33:45

==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 3036.61 MB
Available physical RAM: 2560.94 MB
Total Pagefile: 3032.83 MB
Available Pagefile: 2566.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:130.69 GB) (Free:75.82 GB) NTFS
Drive e: () (Fixed) (Total:319.97 GB) (Free:318.91 GB) NTFS
Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:4.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: () (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 031AA195)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=131 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=320 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)


Last Boot: 2013-04-03 17:15

==================== End Of Log ============================