| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahrenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.08.2010, 17:05
| #1 |
| |  Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren Puh, hoffe das ich bei den ganzen Regeln nix falsch mache. also habe folgende Probleme: ich habe im Msconfig unter Start 2 Einträge die ich nicht kenne und ausschalte A. Bron-Spiziaetus B. Tok-Cirrhatus daraus resultieren folgende Probleme 1. Regedit ist gesperrt 2. die Funktion Ordneroptionen ist verschwunden - ÜBERALL 3. wenn ich einen Download starten will startet der Rechner neu ich als Laie löse es wie folgt: 1.1 hier lasse ich Trendmicro laufen der findet meistens 2-4 Troj. 2.1 hier lösche ich in 2 Keys den Folderwert also liegt es an "NoFolderOptions" Start - Ausführen - Regedit dann gehst du zu den jeweiligen Schlüsseln HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer und löscht dort den Eintrag NoFolderOptions. 3.1 ist meistens auch beim 1 Durchlauf von Trendm. wieder i.O. so nun mein Problem diese Lösung hält nicht aus irgendwelchen Gründen kommen die Probleme wieder zurück. Leider was kann ich da dauerhaft machen? ach ja bevor ich es vergesse ich habe unter Eigene Dateien/ Dokumente eine exe-Datei die DOCUMENTE heisst, wenn ich die lösche habe ich wieder diese Bescherrung?! |
|
20.08.2010, 17:09
| #2 |
| /// Malware-holic   | Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren schau mal ob du im abgesicherten modus downloaden kannst
__________________bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix und mache dann im normal modus combofix. |
|
20.08.2010, 17:09
| #3 |
  | Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren *zu langsam*
__________________
__________________ |
|
20.08.2010, 17:49
| #4 |
| | Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren Hi, danke für die schnelle Antwort, ich kann das Tool nicht laufen lassen habe Vista 64 und das Tool läuft nur unter 32, hätte von Hijack ein Logfile wäre das auch was?! oder gibt es dafür schon ne 64 bit version? |
|
20.08.2010, 18:30
| #5 |
| /// Malware-holic | Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren poste das hjt log. dann: download malwarebytes: Malwarebytes instalieren, öffnen, registerkarte aktualisierung, programm updaten. schalte jetzt alles an laufenden programmen ab, auch antivirus, trenne die internetverbindung, malwarebytes, komplett scan, funde löschen, evtl. pc neu starten, antivirus + internet ein, log posten. |
|
20.08.2010, 18:51
| #6 |
| | Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:30:42, on 20.08.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\AOSD.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "hxxp://www.w3.org/TR/html4/strict.dtd"> O1 - Hosts: <html lang='en'> O1 - Hosts: <head> O1 - Hosts: <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel."> O1 - Hosts: <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title> O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="hxxp://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css"> O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="hxxp://us.i1.yimg.com/us.yimg.com/lib/smbiz/css/geocities_84954.css"> O1 - Hosts: <style> O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;} O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("hxxp://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em} O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em} O1 - Hosts: .services { font-size:116%; padding-bottom:20px } O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px} O1 - Hosts: .image_web {float:right; margin:15px 0 0 15px} O1 - Hosts: p {margin:20px;font-size:1em;} O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;} O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;} O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;} O1 - Hosts: </style> O1 - Hosts: </head> O1 - Hosts: <body> O1 - Hosts: <!-- following code added by server. PLEASE REMOVE --> O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --> O1 - Hosts: <div class="ez-mw" style ="height:900px;width:905px"> O1 - Hosts: <div class="ez-wri ez-oh" style="width:900px"> O1 - Hosts: <div class="ez-box"> O1 - Hosts: <link type="text/css" rel="stylesheet" href="hxxp://l.yimg.com/a/lib/uh/15/css/uh-1.0.28.css"> O1 - Hosts: <style type="text/css"> O1 - Hosts: div#headerblock div{font-family:arial;} O1 - Hosts: </style> O1 - Hosts: <div id="ygma"><div id="ygmaheader"><div class="bd sp"><div id="ymenu" class="ygmaclr"><div id="mepanel"><ul id="mepanel-nav"><li class="me1"><em>New User? <a class="ygmasignup" title="Sign Up" href="hxxp://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=2/SIG=13j8rdsqp/*https://edit.yahoo.com/config/eval_register?.done=hxxp://smallbusiness.yahoo.com%2findex.html&.src=smbiz&.intl=us">Sign Up</a></em></li><li class="me2"><a title="Sign In" href="hxxp://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=3/SIG=13cm6p12o/*https://login.yahoo.com/config/login?.done=hxxp://geocities.yahoo.com&.src=smbiz&.intl=us">Sign In</a></li> O1 - Hosts: <li class="me3"><a href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*hxxp://help.yahoo.com/l/us/yahoo/geocities/" target="_top" title="Yahoo! Help Central">Help</a></li> O1 - Hosts: </ul></div><div id="ygmapromo"><a style="font-weight:bold;" id="ygmaie8" href="hxxp://us.ard.yahoo.com/SIG=15vud5jbf/M=650008.13445975.13532322.12832737/D=smallbiz/S=2023010636:HPRM2/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=0Qw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5706923/R=0/SIG=117bakia1/*hxxp://toolbar.yahoo.com/?.cpdl=ushdl" target="_top">Get Yahoo! Toolbar<abbr title="Yahoo! Toolbar"></abbr></a> O1 - Hosts: <script language=javascript> O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object(); O1 - Hosts: window.yzq_d['0Qw4Atj8a20-']='&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1'; O1 - Hosts: </script> O1 - Hosts: <noscript><img width=1 height=1 alt="" src="hxxp://us.bc.yahoo.com/b?P=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48&T=144j596l3%2fX%3d1252090825%2fE%3d2023010636%2fR%3dsmallbiz%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d1861688409%2fQ%3d-1%2fS%3d1%2fJ%3d8B68FCD8&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1"></noscript></div> O1 - Hosts: <div id="pa"><div id="pa-wrapper"><ul id="pa2-nav" class="sp"><li class="pa1 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*hxxp://yahoo.com/" title="Yahoo!" target="_top">Yahoo!</a></li><li class="pa2 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*hxxp://mail.yahoo.com" title="Yahoo! Mail" target="_top">Mail</a></li></ul><div id="pa-left" class="sp"></div><ul id="pa-nav" class="sp"><li class="pa3 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252 O1 - Hosts: <script language=javascript> O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object(); O1 - Hosts: window.yzq_d['zgw4Atj8a20-']='&U=13gmetml2%2fN%3dzgw4Atj8a20-%2fC%3d650008.13654021.13693393.13153902%2fD%3dHEAD%2fB%3d5836006%2fV%3d1'; O1 - Hosts: </script> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: <div class="ez-wr" style="width:898px;margin-top:1.5em"> O1 - Hosts: <Div class="ez-l2a" id="wrapper"> O1 - Hosts: <div class="ez-l2a-1 " style="width:898px"> O1 - Hosts: <div class="ez-box"> O1 - Hosts: <div class="ez-wr" > O1 - Hosts: <div class="ez-box" style="width:898px"> O1 - Hosts: <h1>Sorry, the GeoCities web site you were trying to reach is no longer available.</h1> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: <div class="ez-wr"> O1 - Hosts: <div class="ez-box" id="boxyahoourls"> O1 - Hosts: <p> GeoCities has closed, but there's a lot more to explore on Yahoo!</p> O1 - Hosts: <h2>Visit one of these popular Yahoo! sites:</h2> O1 - Hosts: <ul class= "services"> O1 - Hosts: <li><a href="hxxp://mail.yahoo.com">Yahoo! Mail</a></li> O1 - Hosts: <li><a href="hxxp://smallbusiness.yahoo.com/webhosting">Web Hosting</a></li> O1 - Hosts: <li><a href="hxxp://news.yahoo.com">News</a></li> O1 - Hosts: <li><a href="hxxp://games.yahoo.com">Games</a></li> O1 - Hosts: <li><a href="hxxp://sports.yahoo.com/">Sports</a> </li> O1 - Hosts: <li><a href="hxxp://movies.yahoo.com">Movies</a></li> O1 - Hosts: <li><a href="hxxp://finance.yahoo.com">Finance</a></li> O1 - Hosts: <li><a href="hxxp://maps.yahoo.com">Maps</a></li> O1 - Hosts: </ul> O1 - Hosts: </div> O1 - Hosts: <li class="rule"><!----></li> O1 - Hosts: <p>The GeoCities site you were looking for may have been preserved in the Internet Archive's Wayback Machine. To find out, <a href="hxxp://www.archive.org/web/web.php" target="_blank">visit Archive.org</a> and enter the site's web address in the field provided.</p> O1 - Hosts: <li class="rule"><!----></li> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: <div class="ez-wr"> O1 - Hosts: <div class="ez-box" style="text-align:center; margin-top:25px;"> O1 - Hosts: <font size="-2" face="verdana">Copyright © 2009 <a href="hxxp://yahoo.com/">Yahoo!</a> Inc. All rights reserved. O1 - Hosts: <ul> O1 - Hosts: <li style="display:inline;"><a target="_top" href="hxxp://privacy.yahoo.com/privacy/us/geo/">Privacy Policy</a></li> - O1 - Hosts: <li style="display:inline;"><a target="_top" href="hxxp://docs.yahoo.com/info/copyright/copyright.html">Copyright Policy</a></li> - O1 - Hosts: <li style="display:inline;"><a target="_top" href="hxxp://docs.yahoo.com/info/guidelines/community.html">Guidelines</a O1 - Hosts: ></li> - O1 - Hosts: <li style="display:inline;"><a target="_top" href="hxxp://smallbusiness.yahoo.com/tos/tos.php">Terms of Service O1 - Hosts: </a></li> - O1 - Hosts: <li style="display:inline;"><a target="_top" href="hxxp://help.yahoo.com/help/us/geo/">Help</a></li> O1 - Hosts: </ul> O1 - Hosts: </font> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: </div> O1 - Hosts: </body> O1 - Hosts: </html> O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet> O1 - Hosts: <IMG SRC="hxxp://geo.yahoo.com/serv?s=19190039&t=1281449529&f=us-w4" ALT=1 WIDTH=1 HEIGHT=1> O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files (x86)\WS_FTP Pro\wsbho2K0.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a} - (no file) O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [BrMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\Windows\ShellNew\sempalong.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Free YouTube Download - C:\Users\WUT\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\WUT\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVM FRITZ!Box-Kindersicherung (avmidentd) - AVM Berlin - C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - C:\Windows\SYSTEM32\HidService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17684 bytes |
|
21.08.2010, 20:17
| #7 |
| | Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren wird erledigt muss aber leider bis Montag Ersatzschicht machen da ein Kollege ausgefallen ist deswegen kann ich das erst am dienstag machen bitte warten danke wut |
|
| Themen zu Regedit gesperrt, Ordneroption ausgeblendent, Download runterfahren |
| dokumente, download, einträge, exe-datei, falsch, folge, folgende, funktion, gesperrt, löscht, lösung, microsoft, msconfig, ordneroption, probleme, rechner, regedit, regeln, runterfahren, software, start, starten, startet, verschwunden, version, windows |
Linear-Darstellung
