|
Log-Analyse und Auswertung: Windows 7 Professional Bei Anmeldung Passwort falsch. Program MIIT kurz zuvor gefundetnWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
07.11.2014, 14:20 | #1 |
| Windows 7 Professional Bei Anmeldung Passwort falsch. Program MIIT kurz zuvor gefundetn Hello Trojanerboarder, ich habe ein Problem mit meinem Windows7 Professional Laptop. Ich wollte ihn aufräumen und bin dabei auf einen Ordner MIIT gestoßen. Ich habe auf ihn geklickt und das Programm ausgeführt, welches meinen Namen enthielt. Daraufhin passierte scheinbar nichts. Löschen konnte ich den Ordener ebenfalls nicht. Da mein Antivirus Programm, Kasperky Pure 3.0 jedoch nichts anzeigte, dachte ich mir nichts dabei. Allerdings musste ich daraufhin feststellen, dass ich mich seit dem nicht mehr bei Windows anmelden kann. Nach Google suche bin ich bei euch gelandet und habe euer Programm FRST wie in der Anleitung beschrieben laufen lassen. Das Egebnis hänge ich unten an und hoffe sehr darauf, dass ihr mir helfen könnte. Vielen Dank im Voraus und beste Grüße, Max FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014 Ran by SYSTEM on MININT-T42S8EM on 07-11-2014 13:53:25 Running from h:\ Platform: Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO) HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH) HKU\Ferry\...\Run: [Amazon Music] => C:\Users\Ferry\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] () HKU\Ferry\...\RunOnce: [Uninstall C:\Users\Ferry\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ferry\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918" ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO) S4 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch) S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.) S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-15] (Fuyu LIMITED) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2014-09-15] (AVM Berlin) S0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch) S1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch) S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-06-28] (Kaspersky Lab ZAO) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2014-06-28] (Kaspersky Lab ZAO) S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-06-28] (Kaspersky Lab ZAO) S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-11-11] (Kaspersky Lab ZAO) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-11] (Kaspersky Lab ZAO) S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-11-11] (Kaspersky Lab ZAO) S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-11-11] (Kaspersky Lab ZAO) S5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-06-28] (Kaspersky Lab ZAO) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 13:53 - 2014-11-07 13:53 - 00000000 ____D () C:\FRST 2014-11-06 18:16 - 2014-11-06 18:16 - 00000000 ____D () C:\Windows\78D62D17D97042DAB8CF5E5576293B33.TMP 2014-10-22 12:21 - 2014-11-06 18:18 - 00000000 ____D () C:\ProgramData\MAX 2014-10-22 12:21 - 2014-10-31 15:36 - 00000000 ____D () C:\Users\Ferry\.MAX 2014-10-19 13:57 - 2014-10-19 13:57 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-17 08:48 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-10-17 08:48 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2014-10-17 08:48 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-10-17 08:48 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2014-10-17 08:48 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-10-17 08:48 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-10-17 08:48 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-10-17 08:48 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-10-17 08:48 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-10-17 08:48 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-10-17 08:48 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-10-17 08:48 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-10-17 08:48 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-10-17 08:48 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-10-17 08:48 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-10-17 08:48 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-10-17 08:48 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-10-17 08:48 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2014-10-17 08:48 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-10-17 08:48 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-10-17 08:48 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-10-17 08:48 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-10-17 08:48 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-10-17 08:48 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-10-17 08:48 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-10-17 08:48 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-10-17 08:48 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-10-17 08:48 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-10-17 08:48 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-10-17 08:48 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-10-17 08:48 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-10-17 08:48 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-10-17 08:48 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-10-17 08:48 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-10-17 08:48 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll 2014-10-17 08:47 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll 2014-10-17 08:47 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2014-10-17 08:47 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2014-10-17 08:47 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\System32\winsta.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2014-10-17 08:47 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2014-10-17 08:47 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2014-10-17 08:47 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys 2014-10-17 08:47 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\System32\dfshim.dll 2014-10-17 08:47 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\System32\mscorier.dll 2014-10-17 08:47 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\System32\mscories.dll 2014-10-17 08:46 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll 2014-10-10 10:16 - 2014-10-10 10:16 - 00000000 ____D () C:\Users\Ferry\restore 2014-10-10 10:14 - 2014-10-10 10:23 - 00000000 ____D () C:\ProgramData\tmp 2014-10-10 10:14 - 2014-10-10 10:15 - 00000000 ____D () C:\ProgramData\hps 2014-10-10 09:58 - 2014-10-10 09:58 - 00000000 ____D () C:\Program Files\OnlineFotoservice 2014-10-10 09:24 - 2014-10-10 09:24 - 00037683 _____ () C:\Windows\DirectX.log 2014-10-10 09:24 - 2007-03-12 15:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll 2014-10-10 09:23 - 2014-10-10 09:44 - 00000000 ____D () C:\Users\Ferry\AppData\Local\posterXXL Designer 2014-10-08 09:57 - 2012-09-20 04:00 - 00317440 _____ (CANON INC.) C:\Windows\System32\CNMXLMBL.DLL 2014-10-08 09:54 - 2014-10-08 09:54 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu 2014-10-08 09:49 - 2012-05-15 14:58 - 00098048 _____ () C:\Windows\System32\CNC176BD.TBL 2014-10-08 09:49 - 2008-08-25 17:02 - 00015872 _____ (CANON INC.) C:\Windows\System32\CNHMCA.dll 2014-10-08 09:48 - 2014-10-08 09:48 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-10-08 09:46 - 2014-10-08 09:46 - 00000000 ____D () C:\Windows\System32\STRING 2014-10-08 09:46 - 2012-07-31 09:47 - 00035840 _____ (CANON INC.) C:\Windows\System32\CNMNPUI.DLL 2014-10-08 09:10 - 2012-09-21 04:00 - 00258560 _____ (CANON INC.) C:\Windows\System32\CNCALBL.DLL 2014-10-08 09:09 - 2012-09-20 04:00 - 00315904 _____ (CANON INC.) C:\Windows\System32\CNMLMBL.DLL ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 12:51 - 2014-06-28 18:07 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-11-07 12:51 - 2009-07-14 05:39 - 00045499 _____ () C:\Windows\setupact.log 2014-11-07 12:16 - 2014-06-28 16:53 - 01297298 _____ () C:\Windows\WindowsUpdate.log 2014-11-07 12:06 - 2009-07-14 05:34 - 00031664 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-07 12:06 - 2009-07-14 05:34 - 00031664 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-07 12:03 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-11-07 11:47 - 2010-11-20 22:48 - 00118224 _____ () C:\Windows\PFRO.log 2014-11-06 18:31 - 2014-08-26 17:18 - 00000000 ____D () C:\Program Files\Canon 2014-11-06 18:31 - 2009-07-14 05:33 - 00288136 _____ () C:\Windows\System32\FNTCACHE.DAT 2014-11-06 18:23 - 2014-07-25 12:00 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-11-06 18:17 - 2014-07-22 09:43 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-11-06 18:17 - 2014-07-22 09:41 - 00000000 ____D () C:\Users\Ferry\AppData\Roaming\DVDVideoSoft 2014-11-06 18:17 - 2014-06-28 18:23 - 00000000 ____D () C:\Windows\System32\appmgmt 2014-11-06 18:13 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32 2014-11-06 18:12 - 2014-08-26 17:18 - 00000000 ____D () C:\Users\Ferry\AppData\Roaming\canon 2014-11-06 18:02 - 2014-06-28 16:59 - 00000000 ____D () C:\Users\Ferry\AppData\Local\VirtualStore 2014-10-29 14:40 - 2014-07-23 12:55 - 00000000 ____D () C:\Users\Ferry\AppData\Roaming\vlc 2014-10-28 06:35 - 2014-06-28 18:28 - 00229000 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2014-10-23 18:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\NDF 2014-10-22 12:21 - 2014-06-28 16:59 - 00000000 ____D () C:\users\Ferry 2014-10-19 13:58 - 2014-09-01 11:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-19 13:57 - 2014-09-01 11:03 - 00000000 ____D () C:\Program Files\Java 2014-10-19 13:56 - 2014-09-01 11:04 - 00096680 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll 2014-10-18 15:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-10-18 13:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-18 11:35 - 2014-07-22 14:42 - 00000000 ____D () C:\Users\Ferry\AppData\Local\Adobe 2014-10-18 11:33 - 2014-06-28 23:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2014-10-18 11:33 - 2014-06-28 23:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-10-18 11:25 - 2014-06-28 21:03 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-10-17 17:44 - 2014-06-28 20:03 - 00000000 ____D () C:\Windows\System32\MRT 2014-10-17 17:41 - 2014-06-28 20:03 - 100290944 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-10-10 09:43 - 2014-09-15 16:47 - 00000000 ____D () C:\Users\Ferry\AppData\Local\Deployment 2014-10-10 09:42 - 2014-09-15 16:49 - 00003140 _____ () C:\Windows\avmadd321.log 2014-10-10 09:42 - 2014-09-15 16:26 - 00001600 _____ () C:\Windows\avmadd32.log 2014-10-08 11:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\System32\FxsTmp 2014-10-08 09:49 - 2009-07-14 03:37 - 00000000 __RSD () C:\Windows\Media Some content of TEMP: ==================== C:\Users\Ferry\AppData\Local\Temp\jre-8u25-windows-au.exe C:\Users\Ferry\AppData\Local\Temp\mirc729.exe C:\Users\Ferry\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe C:\Users\Ferry\AppData\Local\Temp\MSETUP4.EXE C:\Users\Ferry\AppData\Local\Temp\sdanircmdc.exe C:\Users\Ferry\AppData\Local\Temp\sdapskill.exe C:\Users\Ferry\AppData\Local\Temp\sdaspwn.exe C:\Users\Ferry\AppData\Local\Temp\uninstall.exe C:\Users\Ferry\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe [2014-10-17 08:47] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870 C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-10-28 22:58:09 Restore point made on: 2014-11-04 10:36:38 Restore point made on: 2014-11-06 18:15:45 Restore point made on: 2014-11-06 18:22:18 Restore point made on: 2014-11-07 12:05:05 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 3004.61 MB Available physical RAM: 2541.79 MB Total Pagefile: 3000.84 MB Available Pagefile: 2553.41 MB Total Virtual: 2047.88 MB Available Virtual: 1947.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:78.12 GB) (Free:50.07 GB) NTFS Drive e: (Daten) (Fixed) (Total:219.87 GB) (Free:219.71 GB) NTFS Drive g: (WIN7) (Removable) (Total:7.48 GB) (Free:5.13 GB) FAT32 Drive h: (UBUNTU) (Removable) (Total:7.53 GB) (Free:7.53 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 5A246469) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=219.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. LastRegBack: 2014-10-26 22:25 ==================== End Of Log ============================ --- --- --- FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014 Ran by SYSTEM on MININT-T42S8EM on 07-11-2014 13:53:25 Running from h:\ Platform: Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO) HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH) HKU\Ferry\...\Run: [Amazon Music] => C:\Users\Ferry\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] () HKU\Ferry\...\RunOnce: [Uninstall C:\Users\Ferry\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ferry\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918" ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO) S4 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch) S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.) S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-15] (Fuyu LIMITED) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2014-09-15] (AVM Berlin) S0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch) S1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch) S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-06-28] (Kaspersky Lab ZAO) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2014-06-28] (Kaspersky Lab ZAO) S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-06-28] (Kaspersky Lab ZAO) S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-11-11] (Kaspersky Lab ZAO) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-11] (Kaspersky Lab ZAO) S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-11-11] (Kaspersky Lab ZAO) S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-11-11] (Kaspersky Lab ZAO) S5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-06-28] (Kaspersky Lab ZAO) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 13:53 - 2014-11-07 13:53 - 00000000 ____D () C:\FRST 2014-11-06 18:16 - 2014-11-06 18:16 - 00000000 ____D () C:\Windows\78D62D17D97042DAB8CF5E5576293B33.TMP 2014-10-22 12:21 - 2014-11-06 18:18 - 00000000 ____D () C:\ProgramData\MAX 2014-10-22 12:21 - 2014-10-31 15:36 - 00000000 ____D () C:\Users\Ferry\.MAX 2014-10-19 13:57 - 2014-10-19 13:57 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-17 08:48 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-10-17 08:48 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2014-10-17 08:48 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-10-17 08:48 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2014-10-17 08:48 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-10-17 08:48 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-10-17 08:48 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-10-17 08:48 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-10-17 08:48 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-10-17 08:48 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-10-17 08:48 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-10-17 08:48 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-10-17 08:48 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-10-17 08:48 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-10-17 08:48 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-10-17 08:48 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-10-17 08:48 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-10-17 08:48 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2014-10-17 08:48 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-10-17 08:48 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-10-17 08:48 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-10-17 08:48 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-10-17 08:48 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-10-17 08:48 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-10-17 08:48 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-10-17 08:48 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-10-17 08:48 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-10-17 08:48 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-10-17 08:48 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-10-17 08:48 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-10-17 08:48 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-10-17 08:48 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-10-17 08:48 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-10-17 08:48 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-10-17 08:48 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll 2014-10-17 08:47 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll 2014-10-17 08:47 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2014-10-17 08:47 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2014-10-17 08:47 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\System32\winsta.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2014-10-17 08:47 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2014-10-17 08:47 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2014-10-17 08:47 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2014-10-17 08:47 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys 2014-10-17 08:47 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\System32\dfshim.dll 2014-10-17 08:47 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\System32\mscorier.dll 2014-10-17 08:47 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\System32\mscories.dll 2014-10-17 08:46 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll 2014-10-10 10:16 - 2014-10-10 10:16 - 00000000 ____D () C:\Users\Ferry\restore 2014-10-10 10:14 - 2014-10-10 10:23 - 00000000 ____D () C:\ProgramData\tmp 2014-10-10 10:14 - 2014-10-10 10:15 - 00000000 ____D () C:\ProgramData\hps 2014-10-10 09:58 - 2014-10-10 09:58 - 00000000 ____D () C:\Program Files\OnlineFotoservice 2014-10-10 09:24 - 2014-10-10 09:24 - 00037683 _____ () C:\Windows\DirectX.log 2014-10-10 09:24 - 2007-03-12 15:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll 2014-10-10 09:23 - 2014-10-10 09:44 - 00000000 ____D () C:\Users\Ferry\AppData\Local\posterXXL Designer 2014-10-08 09:57 - 2012-09-20 04:00 - 00317440 _____ (CANON INC.) C:\Windows\System32\CNMXLMBL.DLL 2014-10-08 09:54 - 2014-10-08 09:54 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu 2014-10-08 09:49 - 2012-05-15 14:58 - 00098048 _____ () C:\Windows\System32\CNC176BD.TBL 2014-10-08 09:49 - 2008-08-25 17:02 - 00015872 _____ (CANON INC.) C:\Windows\System32\CNHMCA.dll 2014-10-08 09:48 - 2014-10-08 09:48 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-10-08 09:46 - 2014-10-08 09:46 - 00000000 ____D () C:\Windows\System32\STRING 2014-10-08 09:46 - 2012-07-31 09:47 - 00035840 _____ (CANON INC.) C:\Windows\System32\CNMNPUI.DLL 2014-10-08 09:10 - 2012-09-21 04:00 - 00258560 _____ (CANON INC.) C:\Windows\System32\CNCALBL.DLL 2014-10-08 09:09 - 2012-09-20 04:00 - 00315904 _____ (CANON INC.) C:\Windows\System32\CNMLMBL.DLL ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 12:51 - 2014-06-28 18:07 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-11-07 12:51 - 2009-07-14 05:39 - 00045499 _____ () C:\Windows\setupact.log 2014-11-07 12:16 - 2014-06-28 16:53 - 01297298 _____ () C:\Windows\WindowsUpdate.log 2014-11-07 12:06 - 2009-07-14 05:34 - 00031664 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-07 12:06 - 2009-07-14 05:34 - 00031664 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-07 12:03 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-11-07 11:47 - 2010-11-20 22:48 - 00118224 _____ () C:\Windows\PFRO.log 2014-11-06 18:31 - 2014-08-26 17:18 - 00000000 ____D () C:\Program Files\Canon 2014-11-06 18:31 - 2009-07-14 05:33 - 00288136 _____ () C:\Windows\System32\FNTCACHE.DAT 2014-11-06 18:23 - 2014-07-25 12:00 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-11-06 18:17 - 2014-07-22 09:43 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-11-06 18:17 - 2014-07-22 09:41 - 00000000 ____D () C:\Users\Ferry\AppData\Roaming\DVDVideoSoft 2014-11-06 18:17 - 2014-06-28 18:23 - 00000000 ____D () C:\Windows\System32\appmgmt 2014-11-06 18:13 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32 2014-11-06 18:12 - 2014-08-26 17:18 - 00000000 ____D () C:\Users\Ferry\AppData\Roaming\canon 2014-11-06 18:02 - 2014-06-28 16:59 - 00000000 ____D () C:\Users\Ferry\AppData\Local\VirtualStore 2014-10-29 14:40 - 2014-07-23 12:55 - 00000000 ____D () C:\Users\Ferry\AppData\Roaming\vlc 2014-10-28 06:35 - 2014-06-28 18:28 - 00229000 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2014-10-23 18:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\NDF 2014-10-22 12:21 - 2014-06-28 16:59 - 00000000 ____D () C:\users\Ferry 2014-10-19 13:58 - 2014-09-01 11:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-19 13:57 - 2014-09-01 11:03 - 00000000 ____D () C:\Program Files\Java 2014-10-19 13:56 - 2014-09-01 11:04 - 00096680 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll 2014-10-18 15:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-10-18 13:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-18 11:35 - 2014-07-22 14:42 - 00000000 ____D () C:\Users\Ferry\AppData\Local\Adobe 2014-10-18 11:33 - 2014-06-28 23:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2014-10-18 11:33 - 2014-06-28 23:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-10-18 11:25 - 2014-06-28 21:03 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-10-17 17:44 - 2014-06-28 20:03 - 00000000 ____D () C:\Windows\System32\MRT 2014-10-17 17:41 - 2014-06-28 20:03 - 100290944 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-10-10 09:43 - 2014-09-15 16:47 - 00000000 ____D () C:\Users\Ferry\AppData\Local\Deployment 2014-10-10 09:42 - 2014-09-15 16:49 - 00003140 _____ () C:\Windows\avmadd321.log 2014-10-10 09:42 - 2014-09-15 16:26 - 00001600 _____ () C:\Windows\avmadd32.log 2014-10-08 11:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\System32\FxsTmp 2014-10-08 09:49 - 2009-07-14 03:37 - 00000000 __RSD () C:\Windows\Media Some content of TEMP: ==================== C:\Users\Ferry\AppData\Local\Temp\jre-8u25-windows-au.exe C:\Users\Ferry\AppData\Local\Temp\mirc729.exe C:\Users\Ferry\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe C:\Users\Ferry\AppData\Local\Temp\MSETUP4.EXE C:\Users\Ferry\AppData\Local\Temp\sdanircmdc.exe C:\Users\Ferry\AppData\Local\Temp\sdapskill.exe C:\Users\Ferry\AppData\Local\Temp\sdaspwn.exe C:\Users\Ferry\AppData\Local\Temp\uninstall.exe C:\Users\Ferry\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe [2014-10-17 08:47] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870 C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-10-28 22:58:09 Restore point made on: 2014-11-04 10:36:38 Restore point made on: 2014-11-06 18:15:45 Restore point made on: 2014-11-06 18:22:18 Restore point made on: 2014-11-07 12:05:05 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 3004.61 MB Available physical RAM: 2541.79 MB Total Pagefile: 3000.84 MB Available Pagefile: 2553.41 MB Total Virtual: 2047.88 MB Available Virtual: 1947.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:78.12 GB) (Free:50.07 GB) NTFS Drive e: (Daten) (Fixed) (Total:219.87 GB) (Free:219.71 GB) NTFS Drive g: (WIN7) (Removable) (Total:7.48 GB) (Free:5.13 GB) FAT32 Drive h: (UBUNTU) (Removable) (Total:7.53 GB) (Free:7.53 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 5A246469) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=219.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. LastRegBack: 2014-10-26 22:25 ==================== End Of Log ============================ --- --- --- |
07.11.2014, 15:29 | #2 |
/// TB-Ausbilder | Windows 7 Professional Bei Anmeldung Passwort falsch. Program MIIT kurz zuvor gefundetn Hallo Max Weiss
__________________Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg. Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen. Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist. Wo genau lag denn dieser ominöse Ordner ?
__________________ |
07.11.2014, 16:40 | #3 |
| Windows 7 Professional Bei Anmeldung Passwort falsch. Program MIIT kurz zuvor gefundetn Hallo Timo,
__________________vielen Dank für Deine Antwort. Der komische MIIT Ordner war unter Programme installiert... war auch saublöd, dass ich das überhaupt gemacht habe. Habe mich auf Kasperky verlassen. Ich habe jetzt bereits so viel Zeit mit diesem !#+?=)§!!! verbracht...als ich gelesen habe "Formatierung ist der sicherste Weg", dann soll es eben so sein. Dann weiß ich wenigstens, dass es wieder funktioniert. Trotzdem vielen Dank und beste Grüße! |
07.11.2014, 18:00 | #4 |
/// TB-Ausbilder | Windows 7 Professional Bei Anmeldung Passwort falsch. Program MIIT kurz zuvor gefundetn Wie du magst. Es ist eher ungewöhnlich das Malware den PC "so" sperrt, das er User nichts mehr machen kann. I.d.R. wollen die ja nur dein bestes ^^ Geld oder Daten ;-) Wenn du aber formatieren willst, ja das ist der sicherste Weg.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
Themen zu Windows 7 Professional Bei Anmeldung Passwort falsch. Program MIIT kurz zuvor gefundetn |
beste grüße, canon, file, helper.exe, kaspersky, namen, passwort, problem, protectwindowsmanager.exe, windows |