Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 7 weißer Bildschirm nach Start (https://www.trojaner-board.de/144277-windows-7-weisser-bildschirm-start.html)

KAiN_ 09.11.2013 13:12
Windows 7 weißer Bildschirm nach Start
 
Moin!
Ich habe wie viele hier auch das Problem mit dem weißen Bildschirm beim Start von Windows 7 64bit.

Hier ist meine FRST64 Log Datei:

Zitat:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by SYSTEM on MININT-KAJ6BCD on 09-11-2013 13:03:41
Running from H:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKU\Gitzbrecht\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKU\Gitzbrecht\...\Run: [Spotify Web Helper] - C:\Users\Gitzbrecht\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-20] (Spotify Ltd)
HKU\Gitzbrecht\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\Gitzbrecht\...\Winlogon: [Shell] explorer.exe,C:\Users\Gitzbrecht\AppData\Roaming\cache.dat [90112 2011-11-17] () <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-01] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-01] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-12] (Disc Soft Ltd)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-09 13:03 - 2013-11-09 13:03 - 00000000 ____D C:\FRST
2013-10-28 13:10 - 2013-11-09 12:48 - 00000392 _____ C:\Windows\setupact.log
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 _____ C:\Windows\setuperr.log
2013-10-27 13:05 - 2013-10-28 13:13 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-27 13:04 - 2013-10-27 13:04 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-27 13:04 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-10-27 13:03 - 2013-10-27 13:07 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-27 11:35 - 2013-10-27 11:35 - 00002013 _____ C:\Users\Gitzbrecht\Desktop\Entfernen des Avira EU-Cleaners.lnk
2013-10-27 11:35 - 2013-10-27 11:35 - 00001957 _____ C:\Users\Gitzbrecht\Desktop\Avira EU-Cleaner.lnk
2013-10-26 19:08 - 2013-11-09 12:49 - 00000004 _____ C:\Users\Gitzbrecht\AppData\Roaming\cache.ini
2013-10-15 16:38 - 2013-06-21 19:01 - 134217730 _____ C:\Users\Gitzbrecht\Downloads\3195 - Age of Empires Mythologies.nds
2013-10-15 16:38 - 2006-03-30 13:59 - 67108864 _____ C:\Users\Gitzbrecht\Downloads\0390 - Animal Crossing - Wild World.nds
2013-10-15 16:37 - 2009-11-02 16:03 - 08388608 _____ C:\Users\Gitzbrecht\Downloads\4345 - Crazy Machines 2.nds
2013-10-15 16:37 - 2007-08-29 08:18 - 33554432 _____ C:\Users\Gitzbrecht\Downloads\1368 - Worms - Open Warfare 2.nds
2013-10-15 16:36 - 2008-09-24 12:26 - 33554432 _____ C:\Users\Gitzbrecht\Downloads\2707 - Lock' s Quest.nds
2013-10-15 16:35 - 2007-04-17 10:30 - 33554432 _____ C:\Users\Gitzbrecht\Downloads\1011 - Theme Park.nds

==================== One Month Modified Files and Folders =======

2013-11-09 13:03 - 2013-11-09 13:03 - 00000000 ____D C:\FRST
2013-11-09 12:49 - 2013-10-26 19:08 - 00000004 _____ C:\Users\Gitzbrecht\AppData\Roaming\cache.ini
2013-11-09 12:48 - 2013-10-28 13:10 - 00000392 _____ C:\Windows\setupact.log
2013-11-09 12:48 - 2013-06-22 17:58 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-09 12:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-09 12:16 - 2013-09-06 13:06 - 00000000 ____D C:\Users\Gitzbrecht\AppData\Roaming\Skype
2013-10-28 13:18 - 2009-07-14 05:45 - 00016944 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 13:18 - 2009-07-14 05:45 - 00016944 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 13:13 - 2013-10-27 13:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 _____ C:\Windows\setuperr.log
2013-10-27 15:02 - 2013-06-22 17:53 - 00694210 _____ C:\Windows\System32\perfh007.dat
2013-10-27 15:02 - 2013-06-22 17:53 - 00147302 _____ C:\Windows\System32\perfc007.dat
2013-10-27 15:02 - 2009-07-14 06:13 - 01611160 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-27 15:01 - 2013-06-22 17:58 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 13:07 - 2013-10-27 13:03 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-27 13:04 - 2013-10-27 13:04 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-27 11:35 - 2013-10-27 11:35 - 00002013 _____ C:\Users\Gitzbrecht\Desktop\Entfernen des Avira EU-Cleaners.lnk
2013-10-27 11:35 - 2013-10-27 11:35 - 00001957 _____ C:\Users\Gitzbrecht\Desktop\Avira EU-Cleaner.lnk
2013-10-26 19:07 - 2013-07-27 17:01 - 00000000 ____D C:\Users\Gitzbrecht\Desktop\Neuer Ordner
2013-10-26 18:56 - 2013-09-12 14:58 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BC70843D-43C0-435D-AF1C-B868CA97AB1F}
2013-10-25 10:25 - 2009-07-14 06:08 - 00032656 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-19 13:03 - 2013-10-08 17:31 - 172295459 _____ C:\Users\Gitzbrecht\fotobuch polen.cpr
2013-10-18 13:24 - 2013-06-22 18:44 - 00000000 ____D C:\Users\Gitzbrecht\AppData\Roaming\vlc
2013-10-18 11:49 - 2013-06-29 15:47 - 00000000 ____D C:\Users\Gitzbrecht\AppData\Local\JDownloader v2.0
2013-10-13 18:56 - 2013-06-22 17:58 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-13 18:56 - 2013-06-22 17:58 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\Users\Gitzbrecht\AppData\Roaming\cache.dat
C:\Users\Gitzbrecht\AppData\Roaming\cache.ini


Some content of TEMP:
====================
C:\Users\Gitzbrecht\AppData\Local\Temp\avgnt.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

1
Restore point made on: 2013-10-20 16:39:38

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3946.16 MB
Available physical RAM: 3327.02 MB
Total Pagefile: 3944.36 MB
Available Pagefile: 3325.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (Windows 7 64bit) (Fixed) (Total:65.7 GB) (Free:30.83 GB) NTFS
Drive d: (Windows 7 32bit) (Fixed) (Total:48.83 GB) (Free:24.84 GB) NTFS
Drive f: (Daten) (Fixed) (Total:351.13 GB) (Free:264.97 GB) NTFS
Drive g: (GSP1RMCULXFRER_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF
Drive h: (USB-GG-1) (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.02 GB) (Free:0.02 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1F260976)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=66 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=351 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=49 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)


LastRegBack: 2013-10-22 09:04

==================== End Of Log ============================
Ich hoffe, ihr könnt mir helfen.

Danke!

aharonov 09.11.2013 14:39
Hi,

rennt die Kiste wieder nach diesem Fix?


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\Gitzbrecht\...\Winlogon: [Shell] explorer.exe,C:\Users\Gitzbrecht\AppData\Roaming\cache.dat [90112 2011-11-17] () <==== ATTENTION
C:\Users\Gitzbrecht\AppData\Roaming\cache.dat
C:\Users\Gitzbrecht\AppData\Roaming\cache.ini
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

aharonov 17.11.2013 22:13
Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:44 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131