
Log analysis and evaluation: White Screen --> Log File

01.05.2014, 15:04   #1
Sebero
 
Hello

I have a white screen problem with my old Windows Vista 32-bit laptop. In the end I only need the data from my laptop, but a backup takes so long because it is so slow, and then it usually shuts itself off (for whatever reason), and when I turned it on again the white screen came back.

I created a log file:


Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by SYSTEM on MINWINPC on 01-05-2014 15:43:19
Running from F:\
Windows Vista (TM) Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-05-14] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288 2007-11-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [70912 2008-04-15] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2007-11-20] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [HCEmployee] => C:\Program Files\Oleansoft\Hc\servemp.exe [1768960 2012-03-15] (Oleansoft)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [442467 2008-06-27] (IDT, Inc.)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Sebastian\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-02-26] (Hewlett-Packard Company)
HKU\Sebastian\...\Run: [Google Update] => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-29] (Google Inc.)
HKU\Sebastian\...\Run: [uTorrent] => "C:\Program Files\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\Sebastian\...\Run: [msnmsgr] => "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKU\Sebastian\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\Sebastian\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
HKU\Sebastian\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\Sebastian\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\Sebastian\...\Winlogon: [Shell] explorer.exe,C:\Users\Sebastian\AppData\Roaming\Other.res [86848 2013-07-09] () <==== ATTENTION 
Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600.lnk ->  (No File)

========================== Services (Whitelisted) =================

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [77824 2008-06-27] (Andrea Electronics Corporation)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-04-15] (Hewlett-Packard)
S2 NIS; C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292248 2008-05-14] ()
S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116112 2008-05-14] ()
S2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-26] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [221273 2008-06-27] (IDT, Inc.)
S2 WTGService; C:\Program Files\3DataManager\WTGService.exe [333264 2010-07-08] ()

==================== Drivers (Whitelisted) ====================

S2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
S0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [170000 2008-04-14] (AMD Technologies Inc.)
S0 Amddfltr; C:\Windows\System32\DRIVERS\Amddfltr.sys [15416 2008-01-07] (Advanced Micro Devices)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-05-31] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-11-02] (Symantec Corporation)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130813.001\IDSvix86.sys [386720 2013-05-23] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130815.022\NAVENG.SYS [93272 2013-08-12] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130815.022\NAVEX15.SYS [1611992 2013-08-12] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-19] (Symantec Corporation)
S1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [36512 2013-03-05] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
S1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1404000.028\SYMTDIV.SYS [352344 2013-04-25] (Symantec Corporation)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [291200 2006-08-09] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [28160 2006-08-09] (eMPIA Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 XDva389; \??\C:\Windows\system32\XDva389.sys [X]
S3 XDva391; \??\C:\Windows\system32\XDva391.sys [X]
S3 XDva393; \??\C:\Windows\system32\XDva393.sys [X]
S3 XDva397; \??\C:\Windows\system32\XDva397.sys [X]
S3 XDva398; \??\C:\Windows\system32\XDva398.sys [X]
S3 XDva399; \??\C:\Windows\system32\XDva399.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-01 15:43 - 2014-05-01 15:43 - 00000000 ____D () C:\FRST
2014-04-24 17:18 - 2014-03-08 00:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-24 17:18 - 2014-03-08 00:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-04-24 17:18 - 2014-03-08 00:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-04-24 17:18 - 2014-03-08 00:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-24 17:18 - 2014-03-08 00:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-04-24 17:18 - 2014-03-08 00:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-24 17:18 - 2014-03-08 00:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-04-24 17:18 - 2014-03-07 23:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-04-24 17:18 - 2014-03-07 23:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-04-24 17:18 - 2014-03-07 23:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-04-24 17:18 - 2014-03-07 23:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-04-24 17:18 - 2014-03-07 23:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-04-24 17:18 - 2014-03-07 23:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-24 17:18 - 2014-03-07 23:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-24 17:18 - 2014-03-07 23:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-04-24 17:18 - 2014-03-07 23:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-04-24 16:33 - 2014-04-24 16:33 - 00001788 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-04-24 16:33 - 2014-04-24 16:33 - 00001788 _____ () C:\ProgramData\Desktop\HP Photo Creations.lnk
2014-04-24 16:33 - 2014-04-24 16:33 - 00000000 ____D () C:\ProgramData\Visan
2014-04-24 16:33 - 2014-04-24 16:33 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-04-24 16:33 - 2014-04-24 16:33 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-04-24 16:17 - 2014-02-03 11:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-04-24 16:17 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-04-24 16:17 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2014-04-24 16:17 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-04-24 16:17 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-04-24 16:15 - 2014-02-06 02:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-24 16:15 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-04-24 16:15 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2014-04-24 16:15 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wshcon.dll
2014-04-24 16:15 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2014-04-24 16:15 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2014-04-24 16:15 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-04-24 16:15 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-04-24 16:14 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-04-24 16:14 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-04-24 16:14 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-04-24 16:14 - 2013-10-11 01:39 - 00218228 _____ () C:\Windows\System32\WFP.TMF
2014-04-24 16:13 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-04-24 16:08 - 2013-11-13 01:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-04-23 17:13 - 2014-04-23 17:13 - 00000000 ____D () C:\Users\Sebastian\{fe5da709-e25a-4a5d-a955-dfe7c87458c8}

==================== One Month Modified Files and Folders =======

2014-05-01 15:43 - 2014-05-01 15:43 - 00000000 ____D () C:\FRST
2014-05-01 14:32 - 2013-05-31 12:12 - 00000000 ____D () C:\Program Files\PC Tools Registry Mechanic
2014-05-01 14:32 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 14:32 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 14:24 - 2012-04-04 08:32 - 00000680 _____ () C:\Users\Sebastian\AppData\Local\d3d9caps.dat
2014-05-01 14:24 - 2011-07-29 17:23 - 00000269 _____ () C:\Users\Public\Documents\hpqp.ini
2014-05-01 14:24 - 2011-07-29 17:23 - 00000269 _____ () C:\ProgramData\Documents\hpqp.ini
2014-04-24 20:11 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-24 20:04 - 2011-07-29 16:59 - 01295662 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 18:33 - 2006-11-02 11:33 - 01596296 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-24 18:30 - 2011-07-29 17:53 - 00102424 _____ () C:\Users\Sebastian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-24 18:26 - 2006-11-02 13:47 - 00380792 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-04-24 18:24 - 2008-01-21 03:47 - 01070286 _____ () C:\Windows\PFRO.log
2014-04-24 18:19 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\System32\de-DE
2014-04-24 18:14 - 2013-05-31 19:23 - 00000404 _____ () C:\Windows\System32\AppLog.log
2014-04-24 17:15 - 2012-04-17 05:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-04-24 17:15 - 2011-07-30 08:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-04-24 16:58 - 2012-03-01 06:50 - 00000000 ____D () C:\ProgramData\Autodesk
2014-04-24 16:58 - 2012-03-01 06:50 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-04-24 16:58 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Help
2014-04-24 16:49 - 2011-08-12 18:39 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-04-24 16:33 - 2014-04-24 16:33 - 00001788 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-04-24 16:33 - 2014-04-24 16:33 - 00001788 _____ () C:\ProgramData\Desktop\HP Photo Creations.lnk
2014-04-24 16:33 - 2014-04-24 16:33 - 00000000 ____D () C:\ProgramData\Visan
2014-04-24 16:33 - 2014-04-24 16:33 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-04-24 16:33 - 2014-04-24 16:33 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-04-24 16:28 - 2013-07-19 06:14 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-23 17:13 - 2014-04-23 17:13 - 00000000 ____D () C:\Users\Sebastian\{fe5da709-e25a-4a5d-a955-dfe7c87458c8}
2014-04-23 17:13 - 2011-07-29 17:49 - 00000000 ____D () C:\users\Sebastian
2014-04-23 17:09 - 2011-09-13 14:19 - 00000375 _____ () C:\Windows\System32\Drivers\etc\hosts.ics
2014-04-23 17:01 - 2012-08-27 09:07 - 00000000 ____D () C:\ProgramData\Birdstep Technology
2014-04-23 17:01 - 2008-05-25 01:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

Files to move or delete:
====================
C:\Users\Sebastian\AppData\Roaming\desktop.ini
C:\ProgramData\ezsid.dat


Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\AcDeltree.exe
C:\Users\Sebastian\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Sebastian\AppData\Local\Temp\AskSLib.dll
C:\Users\Sebastian\AppData\Local\Temp\avguidx.dll
C:\Users\Sebastian\AppData\Local\Temp\AVG_toolbar.exe
C:\Users\Sebastian\AppData\Local\Temp\BandooV6.exe
C:\Users\Sebastian\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Sebastian\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Sebastian\AppData\Local\Temp\Gchipsbank.dll
C:\Users\Sebastian\AppData\Local\Temp\GLoginTool.exe
C:\Users\Sebastian\AppData\Local\Temp\GUR3ED5.exe
C:\Users\Sebastian\AppData\Local\Temp\Hchipsbank.dll
C:\Users\Sebastian\AppData\Local\Temp\HLoginTool.exe
C:\Users\Sebastian\AppData\Local\Temp\HPQSi.exe
C:\Users\Sebastian\AppData\Local\Temp\installhelper.dll
C:\Users\Sebastian\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Sebastian\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Sebastian\AppData\Local\Temp\Kchipsbank.dll
C:\Users\Sebastian\AppData\Local\Temp\KLoginTool.exe
C:\Users\Sebastian\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Sebastian\AppData\Local\Temp\mfc80.dll
C:\Users\Sebastian\AppData\Local\Temp\mfc80u.dll
C:\Users\Sebastian\AppData\Local\Temp\mfcm80.dll
C:\Users\Sebastian\AppData\Local\Temp\mfcm80u.dll
C:\Users\Sebastian\AppData\Local\Temp\msvcm80.dll
C:\Users\Sebastian\AppData\Local\Temp\msvcp80.dll
C:\Users\Sebastian\AppData\Local\Temp\msvcr80.dll
C:\Users\Sebastian\AppData\Local\Temp\oi_{F6313134-7203-4567-9D00-2FE3255CF3E1}.exe
C:\Users\Sebastian\AppData\Local\Temp\openssl.exe
C:\Users\Sebastian\AppData\Local\Temp\OSU.exe
C:\Users\Sebastian\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Sebastian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sebastian\AppData\Local\Temp\smcr.exe
C:\Users\Sebastian\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Sebastian\AppData\Local\Temp\tnsetup.exe
C:\Users\Sebastian\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Sebastian\AppData\Local\Temp\uninst.exe
C:\Users\Sebastian\AppData\Local\Temp\UNINSTALL.exe
C:\Users\Sebastian\AppData\Local\Temp\Uninstaller.exe
C:\Users\Sebastian\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Sebastian\AppData\Local\Temp\utt5B09.tmp.exe
C:\Users\Sebastian\AppData\Local\Temp\utt7554.tmp.exe
C:\Users\Sebastian\AppData\Local\Temp\utt94D0.tmp.exe
C:\Users\Sebastian\AppData\Local\Temp\uttF00A.tmp.exe
C:\Users\Sebastian\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Sebastian\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\Sebastian\AppData\Local\Temp\zipsetup.exe
C:\Users\Sebastian\AppData\Local\Temp\_isF324.exe
C:\Users\Sebastian\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NAV_30876.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-09-24 06:30:32
Restore point made on: 2013-09-25 08:38:23
Restore point made on: 2013-09-26 13:16:15
Restore point made on: 2013-09-27 06:08:29
Restore point made on: 2013-09-30 14:05:43
Restore point made on: 2013-10-01 08:52:00
Restore point made on: 2013-10-02 07:00:15
Restore point made on: 2013-10-03 07:16:14
Restore point made on: 2013-10-04 09:17:22
Restore point made on: 2013-10-07 06:24:49
Restore point made on: 2013-10-08 13:57:09
Restore point made on: 2013-10-09 16:38:57
Restore point made on: 2013-10-10 13:45:48
Restore point made on: 2013-10-11 05:41:30
Restore point made on: 2013-10-12 08:01:39
Restore point made on: 2013-10-14 06:14:51
Restore point made on: 2013-10-15 13:51:08
Restore point made on: 2013-10-16 13:15:42
Restore point made on: 2013-10-17 13:42:07
Restore point made on: 2014-04-23 17:00:38
Restore point made on: 2014-04-23 17:10:06
Restore point made on: 2014-04-23 17:11:04
Restore point made on: 2014-04-23 17:11:55
Restore point made on: 2014-04-23 17:12:53
Restore point made on: 2014-04-23 17:13:50
Restore point made on: 2014-04-24 15:54:49
Restore point made on: 2014-04-24 16:24:22

==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3069.22 MB
Available physical RAM: 2512.2 MB
Total Pagefile: 2801.75 MB
Available Pagefile: 2589.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:289.17 GB) (Free:180.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:8.92 GB) (Free:1.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (SCHNEPS SEB) (Removable) (Total:14.63 GB) (Free:1.55 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 007F9015)
Partition 1: (Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.


LastRegBack: 2014-04-24 20:02

==================== End Of Log ============================
         
I don't know what else I can do now.
I hope someone can help me.

Thanks in advance.

 

You are viewing: White Screen --> Log File on Trojaner-Board
