Hallo allerseits,
ich wende mich hier an euch weil ich nicht weiß was ich tun soll.
Folgendes Problem:
Auf dem Laptop meiner Mutter erscheint ca. 5Sek nach Systemstart ein weißer Bildschirm und nichts geht mehr.(Es geht zwar Strg+Alt+Entf allerdings kommt man auch von dort nirgendwo hin.)
Abgesicherter Modus selbes Problem.
Habe nun hier die Anleitung befolgt und diese Logfiles hier bekommen:
Zitat:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by SYSTEM on MININT-VCAVVJ7 on 02-10-2013 19:37:14
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [Yousendit Sync Agent] - C:\Program Files (x86)\YouSendIt Desktop App\YSIAgent.exe [6817072 2013-05-09] (YouSendit Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44280 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642816 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKU\igrafic\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-07] (Google Inc.)
HKU\igrafic\...\Run: [AdobeBridge] - [x]
HKU\igrafic\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\igrafic\...\Winlogon: [Shell] explorer.exe,C:\Users\igrafic\AppData\Roaming\cache.dat [153600 2011-11-16] () <==== ATTENTION
Startup: C:\Users\igrafic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
==================== Services (Whitelisted) =================
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-14] (Adobe Systems Incorporated)
S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
S2 Stuffit Archive Name Service; C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe [1916248 2010-02-08] (Smith Micro Software, Inc.)
==================== Drivers (Whitelisted) ====================
S5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-04] (Seiko Epson Corporation)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-02 19:37 - 2013-10-02 19:37 - 00000000 ____D C:\FRST
==================== One Month Modified Files and Folders =======
2013-10-02 19:37 - 2013-10-02 19:37 - 00000000 ____D C:\FRST
2013-10-02 09:18 - 2012-07-07 13:33 - 00654340 _____ C:\Windows\System32\perfh007.dat
2013-10-02 09:18 - 2012-07-07 13:33 - 00130180 _____ C:\Windows\System32\perfc007.dat
2013-10-02 09:18 - 2012-07-07 03:43 - 01213271 _____ C:\Windows\WindowsUpdate.log
2013-10-02 09:18 - 2009-07-13 21:13 - 01498506 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-02 09:15 - 2012-07-07 08:14 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-02 09:14 - 2012-07-07 08:14 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-02 09:14 - 2012-07-07 08:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-01 09:43 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-01 09:42 - 2009-07-13 20:51 - 00040736 _____ C:\Windows\setupact.log
2013-10-01 09:40 - 2013-07-19 01:26 - 00000004 _____ C:\Users\igrafic\AppData\Roaming\cache.ini
2013-10-01 09:33 - 2012-07-08 11:44 - 00000000 ___RD C:\Users\igrafic\Dropbox
2013-10-01 09:33 - 2012-07-08 11:41 - 00000000 ____D C:\Users\igrafic\AppData\Roaming\Dropbox
2013-09-25 06:14 - 2009-07-13 20:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-25 06:14 - 2009-07-13 20:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Files to move or delete:
====================
C:\Users\igrafic\AppData\Roaming\cache.dat
C:\Users\igrafic\AppData\Roaming\cache.ini
C:\Users\igrafic\StuffIt2010SR2-Multi-language.exe
C:\Users\igrafic\StuffItExpander2011x86.exe
Some content of TEMP:
====================
C:\Users\igrafic\AppData\Local\Temp\APNStub.exe
C:\Users\igrafic\AppData\Local\Temp\Browser_Helper_Companion.exe
C:\Users\igrafic\AppData\Local\Temp\conduitinstaller.exe
C:\Users\igrafic\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\igrafic\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\igrafic\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\igrafic\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\igrafic\AppData\Local\Temp\ose00000.exe
C:\Users\igrafic\AppData\Local\Temp\SkypeSetup.exe
C:\Users\igrafic\AppData\Local\Temp\tbWinl.dll
C:\Users\igrafic\AppData\Local\Temp\~convert1042079313890606185.exe
C:\Users\igrafic\AppData\Local\Temp\~convert4967424072446245687.exe
C:\Users\igrafic\AppData\Local\Temp\~convert5985908730256956391.exe
C:\Users\igrafic\AppData\Local\Temp\~convert7430316674774228128.exe
C:\Users\igrafic\AppData\Local\Temp\~convert83543547462954620.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
9
Restore point made on: 2013-05-27 23:43:28
Restore point made on: 2013-06-06 11:08:29
Restore point made on: 2013-06-14 10:41:47
Restore point made on: 2013-06-16 03:46:48
Restore point made on: 2013-06-20 07:52:12
Restore point made on: 2013-06-20 12:20:52
Restore point made on: 2013-07-07 11:50:16
Restore point made on: 2013-07-12 11:14:59
Restore point made on: 2013-07-19 01:17:49
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 4060.86 MB
Available physical RAM: 3197.58 MB
Total Pagefile: 4059 MB
Available Pagefile: 3199.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.62 GB) (Free:371.03 GB) NTFS
Drive f: () (Removable) (Total:1.88 GB) (Free:1.88 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7ABE6F4D)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 6B736964)
No partition Table on disk 1.
LastRegBack: 2013-07-22 14:48
==================== End Of Log ============================
|
Kann mir da wer weiterhelfen?
Mit freundlichen Grüßen
Brave
02.10.2013, 18:43
Baum-Darstellung