Log analysis and evaluation: Critical error, desktop icons disappeared, hard disk damaged
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system first has to be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.04.2011, 17:28 | #1 |
Hello dear helpers,

Windows (Vista) just reported that the system was damaged, the desktop stayed black, and after a restart a trojan message from Windows appeared, although it said that these had been deleted. (Unfortunately I no longer know where to find that message again, otherwise I would of course post it here.) Every few seconds a new window appeared with the message that the hard disk was damaged, and the PC kept restarting by itself.

After I then downloaded Malwarebytes' and ran a quick scan, 21 infected objects were found, which I moved to quarantine. After a subsequent restart the messages "Critical error", "Private data at risk" and "Hard disk damaged" no longer appear, but the desktop is still black and the "blocked startup programs" icon appeared in the taskbar.

I have not yet permanently deleted the 21 infected objects, but, as I said, they are in quarantine. Here is the log file:

I hope someone can help me, and thank you in advance for your answers
28.04.2011, 19:36 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™
Hello and

Please run a routine full scan with Malwarebytes and post the log. Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!

Then OTL:

System scan with OTL
Please download OTL by Oldtimer and save it to your desktop
29.04.2011, 19:27 | #3 |
Hey, thank you very much for the answer, first of all.

Here is the log file from the full scan (strangely, it finds fewer infected objects than the quick scan):

And here are the log files from OTL:
ATTFilter OTL logfile created on: 29.04.2011 20:09:02 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Antonia\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 136,45 Gb Total Space | 58,05 Gb Free Space | 42,55% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,67 Gb Free Space | 56,67% Space Free | Partition Type: NTFS Drive E: | 327,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: BÄR | User Name: Antonia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Antonia\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan Enterprise\shstat.exe (McAfee, Inc.) PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan Enterprise\mfeann.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan Enterprise\engineserver.exe (McAfee, Inc.) 
PRC - C:\Programme\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\Common Framework\McTray.exe (McAfee, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.) PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) ========== Modules (SafeList) ========== MOD - C:\Users\Antonia\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (McShield) -- C:\Programme\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.) SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) SRV - (McTaskManager) -- C:\Programme\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.) SRV - (McAfeeEngineService) -- C:\Programme\McAfee\VirusScan Enterprise\engineserver.exe (McAfee, Inc.) SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) 
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.) DRV - (mfetdik) -- C:\Windows\System32\drivers\mfetdik.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.net/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {B0C7B7A6-EEEB-4069-98A8-B662FEF287D9}:1.9.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 09:30:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins 
[2011.04.23 12:40:16 | 000,000,000 | ---D | M] [2010.05.30 15:47:37 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Antonia\AppData\Roaming\mozilla\Extensions [2011.04.29 16:08:38 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Antonia\AppData\Roaming\mozilla\Firefox\Profiles\n1uqdehm.default\extensions [2010.05.31 16:00:09 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Antonia\AppData\Roaming\mozilla\Firefox\Profiles\n1uqdehm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.01.24 17:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.01.12 13:02:25 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.08.21 12:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011.01.24 17:16:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.08.21 12:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011.01.24 17:16:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.27 16:01:07 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\ANTONIA\APPDATA\LOCAL\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9} [2009.10.22 20:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Programme\Mozilla Firefox\components\Scriptff.dll [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.22 16:00:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.22 16:00:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.22 16:00:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.22 16:00:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.22 16:00:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.) 
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Cgexeyakiwikisox] File not found O4 - HKCU..\Run: [Rmebas] File not found O4 - Startup: C:\Users\Antonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Antonia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Antonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe () O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Antonia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Antonia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [1999.09.25 18:28:22 | 000,000,971 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\AutoRun\command - "" = E:\aoesetup.exe -- [1999.09.20 23:22:04 | 000,585,790 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\directx\command - "" = E:\DIRECTX\DXSETUP.EXE -- [1999.01.09 05:10:00 | 000,096,768 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dplay\command - "" = E:\DIRECTX\DPLAY61A.EXE -- [1999.06.19 02:35:30 | 000,485,600 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxdiag\command - "" = E:\GOODIES\AR40DEU.EXE -- [1999.06.29 18:17:26 | 005,994,880 | R--- | M] (InstallShield Software Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxinfo\command - "" = E:\GOODIES\DIRECTX\DXINFO.EXE -- [1997.07.15 11:00:00 | 000,299,520 | R--- | M] (Microsoft Corp.) 
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxtest\command - "" = E:\DIRECTX\DXDIAG.EXE -- [1999.01.09 05:10:00 | 001,253,648 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxtool\command - "" = E:\GOODIES\DIRECTX\DXTOOL.EXE -- [1997.07.15 11:00:00 | 000,033,280 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\log\command - "" = E:\goodies\machine\machine.exe -- [1999.08.18 00:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\machine\command - "" = E:\GOODIES\MACHINE\MACHINE.EXE -- [1999.08.18 00:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\setup\command - "" = E:\aoesetup.exe -- [1999.09.20 23:22:04 | 000,585,790 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\zone\command - "" = E:\GOODIES\MSZONE\ZONEA600.EXE -- [1999.09.02 02:16:04 | 006,753,985 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.29 20:07:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Antonia\Desktop\OTL.exe [2011.04.27 17:19:11 | 000,000,000 | -H-D | C] -- C:\Users\Antonia\AppData\Roaming\Malwarebytes [2011.04.27 17:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.27 17:19:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.27 17:19:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2011.04.27 17:18:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- 
C:\Windows\System32\drivers\mbam.sys [2011.04.27 17:18:57 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.27 17:10:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch [2011.04.27 16:01:07 | 000,000,000 | -H-D | C] -- C:\Users\Antonia\AppData\Local\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9} [2011.04.15 14:13:19 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.15 14:13:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.15 14:13:10 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.15 14:13:10 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.15 14:13:10 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.15 14:13:10 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.15 14:13:10 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.15 14:13:09 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.15 14:13:09 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.15 14:13:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.15 14:13:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.15 14:13:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.15 14:13:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.15 14:13:08 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.15 14:13:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.15 14:13:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\licmgr10.dll [2011.04.15 14:13:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.15 14:13:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.15 14:13:07 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.15 14:12:58 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.15 14:12:57 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.15 14:12:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.15 14:12:42 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.15 14:12:34 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.15 14:12:34 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.05.30 15:52:09 | 028,534,656 | -H-- | C] ( ) -- C:\Programme\AdbeRdr930_de_DE.exe [2010.05.30 06:14:14 | 008,188,856 | -H-- | C] (Mozilla) -- C:\Programme\Firefox Setup 3.6.3.exe ========== Files - Modified Within 30 Days ========== [2011.04.29 20:07:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Antonia\Desktop\OTL.exe [2011.04.29 19:57:54 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.29 19:57:54 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.29 19:57:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.29 15:57:59 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.29 15:57:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.29 15:57:49 | 2134,974,464 | -HS- | M] () -- C:\hiberfil.sys [2011.04.27 
17:10:48 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.27 17:10:48 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.27 17:10:48 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.27 17:10:48 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.27 16:40:04 | 000,006,648 | -H-- | M] () -- C:\Users\Antonia\AppData\Local\d3d9caps.dat [2011.04.27 16:10:54 | 000,000,040 | -H-- | M] () -- C:\ProgramData\~41672456 [2011.04.27 16:01:08 | 000,000,120 | -H-- | M] () -- C:\Users\Antonia\AppData\Local\Aletej.dat [2011.04.27 16:01:08 | 000,000,000 | -H-- | M] () -- C:\Users\Antonia\AppData\Local\Nxagilapeyamol.bin [2011.04.16 14:25:38 | 000,248,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.01 22:22:50 | 000,052,736 | -H-- | M] () -- C:\Users\Antonia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files Created - No Company Name ========== [2011.04.29 15:57:49 | 2134,974,464 | -HS- | C] () -- C:\hiberfil.sys [2011.04.27 16:10:53 | 000,000,040 | -H-- | C] () -- C:\ProgramData\~41672456 [2011.04.27 16:01:08 | 000,000,120 | -H-- | C] () -- C:\Users\Antonia\AppData\Local\Aletej.dat [2011.04.27 16:01:08 | 000,000,000 | -H-- | C] () -- C:\Users\Antonia\AppData\Local\Nxagilapeyamol.bin [2010.09.29 14:49:53 | 000,000,475 | -H-- | C] () -- C:\Users\Antonia\AppData\Roaming\Poladroid prefs.plist [2010.06.28 14:10:50 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2010.06.28 14:10:50 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010.06.28 14:10:49 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2010.06.28 14:10:49 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2010.06.28 14:10:49 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2010.06.28 14:10:49 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2010.06.28 14:10:49 | 
000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.06.28 14:10:49 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.06.28 14:10:49 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.06.28 14:10:49 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.06.28 14:10:49 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.06.28 14:10:49 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.06.28 14:10:49 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.06.28 14:10:49 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.06.28 14:10:49 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.06.28 14:10:49 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.06.28 14:10:49 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.06.28 14:10:49 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.06.28 14:10:49 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.06.28 14:08:57 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2010.06.04 15:25:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.02 19:48:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.06.02 19:48:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.06.02 19:47:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.05.30 16:10:44 | 082,143,228 | -H-- | C] () -- C:\Programme\McAfee_8.7i_20091202.exe
[2010.05.29 21:48:07 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010.05.29 21:48:06 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2010.05.21 13:23:08 | 000,052,736 | -H-- | C] () -- C:\Users\Antonia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.20 00:31:15 | 000,618,442 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.05.20 00:31:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.05.20 00:31:15 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.05.20 00:31:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.05.19 15:08:12 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010.05.19 14:57:33 | 000,006,648 | -H-- | C] () -- C:\Users\Antonia\AppData\Local\d3d9caps.dat
[2008.02.11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008.02.11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008.02.11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008.02.11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,248,848 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

========== Files - Unicode (All) ==========
[2010.11.30 15:50:46 | 000,007,150 | -H-- | M] ()(C:\Users\Antonia\Documents\?.odt) -- C:\Users\Antonia\Documents\‽.odt
[2010.11.30 15:50:45 | 000,007,150 | -H-- | C] ()(C:\Users\Antonia\Documents\?.odt) -- C:\Users\Antonia\Documents\‽.odt

< End of report >

OTL Logfile:
Code:
OTL Extras logfile created on: 29.04.2011 20:09:06 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Antonia\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,45 Gb Total Space | 58,05 Gb Free Space | 42,55% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,67 Gb Free Space | 56,67% Space Free | Partition Type: NTFS
Drive E: | 327,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BÄR | User Name: Antonia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2AF06821-CE46-446D-B694-351D1D321D7A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BBE14221-B75A-46C1-B23E-595CE9CAAAAE}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{324548B4-2A60-45CC-9947-BF28B45AE26D}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{46E816D0-23C2-4C59-A0DB-76A3836FCFFB}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{5622D308-E17C-4E4A-9F35-30C0C8752339}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{6202A3AB-F6E2-4218-95CC-15BACC1B957B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{621D08B7-4487-4D46-A032-B8969B273601}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{771556B7-2D65-4F11-B62C-7E2C03A870A4}" = protocol=17 | dir=in | app=c:\users\antonia\appdata\roaming\dropbox\bin\dropbox.exe |
"{86B82E01-8839-4A27-80F4-10DF92FBD478}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A3009789-2C75-4E89-BAB1-8420D78C2603}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A7D1ECC8-2507-4730-98BF-996944CDF4F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9BFD67F-29DD-4D46-B553-5C219990584D}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{B83C78BD-B633-421D-9400-ABF86B39648F}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{C044F3C0-A793-48AD-BC25-51C5312B32C1}" = protocol=6 | dir=in | app=c:\users\antonia\appdata\roaming\dropbox\bin\dropbox.exe |
"{D94996E7-CB7D-4D91-B847-7BFA6E491D83}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{E543D559-BA5D-48EB-B337-45996F015534}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EEDBB5AC-6206-4812-8EBD-A052D71D30CE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{9D689BA0-F88A-43A0-A5BE-AF1BF209E065}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{EB887DC9-4871-482A-8500-68DB9B8032D6}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{8B879C53-1374-4653-875C-C2ADE3FDA30D}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{F682EB02-0D62-4836-A267-8F617898F9BF}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA951B10-7089-4D60-B288-516E641F48E6}" = McAfee Agent
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CCD90636-D97D-4130-A44A-3AD4E63B9220}" = OpenOffice.org 2.4
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8FF78D0-4D1C-4B2D-AC80-670F135F5461}" = Poladroid
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Video FX Engine" = Advanced Video FX Engine
"Age of Empires 2.0" = Microsoft Age of Empires II
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Karte
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Setup.divx.com" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"tetris 2oo5_is1" = tetris 2oo5 - Version 1.2
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.04.2011 14:56:20 | Computer Name = Bär | Source = WinMgmt | ID = 10
Description =

Error - 28.04.2011 06:54:19 | Computer Name = Bär | Source = WinMgmt | ID = 10
Description =

Error - 28.04.2011 07:11:28 | Computer Name = Bär | Source = EventSystem | ID = 4621
Description =

Error - 28.04.2011 11:06:46 | Computer Name = Bär | Source = WinMgmt | ID = 10
Description =

Error - 28.04.2011 12:14:55 | Computer Name = Bär | Source = EventSystem | ID = 4621
Description =

Error - 29.04.2011 03:41:01 | Computer Name = Bär | Source = WinMgmt | ID = 10
Description =

Error - 29.04.2011 03:43:51 | Computer Name = Bär | Source = EventSystem | ID = 4621
Description =

Error - 29.04.2011 09:55:07 | Computer Name = Bär | Source = EventSystem | ID = 4609
Description =

Error - 29.04.2011 09:56:12 | Computer Name = Bär | Source = WinMgmt | ID = 10
Description =

Error - 29.04.2011 09:58:09 | Computer Name = Bär | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 15.11.2010 01:48:21 | Computer Name = Bär | Source = WLAN-Tray | ID = 0
Description = 06:48:21, Mon, Nov 15, 10 Error - Unable to gain access to user store

Error - 06.12.2010 19:22:24 | Computer Name = Bär | Source = WLAN-Tray | ID = 0
Description = 00:22:24, Tue, Dec 07, 10 Error - Unable to gain access to user store

Error - 14.12.2010 05:59:21 | Computer Name = Bär | Source = WLAN-Tray | ID = 0
Description = 10:59:20, Tue, Dec 14, 10 Error - Unable to gain access to user store

[ System Events ]
Error - 29.04.2011 09:56:12 | Computer Name = Bär | Source = Service Control Manager | ID = 7001
Description =

Error - 29.04.2011 09:56:12 | Computer Name = Bär | Source = Service Control Manager | ID = 7001
Description =

Error - 29.04.2011 09:58:09 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

Error - 29.04.2011 09:59:49 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

Error - 29.04.2011 09:59:48 | Computer Name = Bär | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 29.04.2011 09:59:50 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

Error - 29.04.2011 10:03:23 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

Error - 29.04.2011 10:03:23 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

Error - 29.04.2011 10:10:28 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

Error - 29.04.2011 10:10:28 | Computer Name = Bär | Source = Service Control Manager | ID = 7000
Description =

< End of report >

Many thanks in advance!!! |
29.04.2011, 21:00 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Critical error, desktop icons disappeared, hard disk damaged

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
[2011.04.27 16:10:53 | 000,000,040 | -H-- | C] () -- C:\ProgramData\~41672456
[2011.04.27 16:01:08 | 000,000,120 | -H-- | C] () -- C:\Users\Antonia\AppData\Local\Aletej.dat
[2011.04.27 16:01:08 | 000,000,000 | -H-- | C] () -- C:\Users\Antonia\AppData\Local\Nxagilapeyamol.bin
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.09.25 18:28:22 | 000,000,971 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\AutoRun\command - "" = E:\aoesetup.exe -- [1999.09.20 23:22:04 | 000,585,790 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\directx\command - "" = E:\DIRECTX\DXSETUP.EXE -- [1999.01.09 05:10:00 | 000,096,768 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dplay\command - "" = E:\DIRECTX\DPLAY61A.EXE -- [1999.06.19 02:35:30 | 000,485,600 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxdiag\command - "" = E:\GOODIES\AR40DEU.EXE -- [1999.06.29 18:17:26 | 005,994,880 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxinfo\command - "" = E:\GOODIES\DIRECTX\DXINFO.EXE -- [1997.07.15 11:00:00 | 000,299,520 | R--- | M] (Microsoft Corp.)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxtest\command - "" = E:\DIRECTX\DXDIAG.EXE -- [1999.01.09 05:10:00 | 001,253,648 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\dxtool\command - "" = E:\GOODIES\DIRECTX\DXTOOL.EXE -- [1997.07.15 11:00:00 | 000,033,280 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\log\command - "" = E:\goodies\machine\machine.exe -- [1999.08.18 00:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\machine\command - "" = E:\GOODIES\MACHINE\MACHINE.EXE -- [1999.08.18 00:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\setup\command - "" = E:\aoesetup.exe -- [1999.09.20 23:22:04 | 000,585,790 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\Shell\zone\command - "" = E:\GOODIES\MSZONE\ZONEA600.EXE -- [1999.09.02 02:16:04 | 006,753,985 | R--- | M] ()
O4 - HKCU..\Run: [Cgexeyakiwikisox] File not found
O4 - HKCU..\Run: [Rmebas] File not found

:Commands
[purity]
[resethosts]
[emptytemp]

The logfile should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________ Please always post logfiles in CODE tags |
01.05.2011, 08:58 | #5 |
| Critical error, desktop icons disappeared, hard disk damaged

Hello Arne, I did everything as you described; here is the new logfile:

All processes killed
========== OTL ==========
C:\ProgramData\~41672456 moved successfully.
C:\Users\Antonia\AppData\Local\Aletej.dat moved successfully.
C:\Users\Antonia\AppData\Local\Nxagilapeyamol.bin moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\AOESETUP.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\DIRECTX\DXSETUP.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\DIRECTX\DPLAY61A.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\GOODIES\AR40DEU.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\GOODIES\DIRECTX\DXINFO.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\DIRECTX\DXDIAG.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\GOODIES\DIRECTX\DXTOOL.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\GOODIES\MACHINE\MACHINE.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\GOODIES\MACHINE\MACHINE.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\AOESETUP.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9c72514-6342-11df-a380-806e6f6e6963}\ not found.
File move failed. E:\GOODIES\MSZONE\ZONEA600.EXE scheduled to be moved on reboot.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Cgexeyakiwikisox deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Rmebas deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Antonia
->Temp folder emptied: 1253528368 bytes
->Temporary Internet Files folder emptied: 60807465 bytes
->Java cache emptied: 10264 bytes
->FireFox cache emptied: 105458767 bytes
->Flash cache emptied: 42287 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23410847 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.376,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 05012011_094429

Files\Folders moved on Reboot...
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
File move failed. E:\AOESETUP.EXE scheduled to be moved on reboot.
File move failed. E:\DIRECTX\DXSETUP.EXE scheduled to be moved on reboot.
File move failed. E:\DIRECTX\DPLAY61A.EXE scheduled to be moved on reboot.
File move failed. E:\GOODIES\AR40DEU.EXE scheduled to be moved on reboot.
File move failed. E:\GOODIES\DIRECTX\DXINFO.EXE scheduled to be moved on reboot.
File move failed. E:\DIRECTX\DXDIAG.EXE scheduled to be moved on reboot.
File move failed. E:\GOODIES\DIRECTX\DXTOOL.EXE scheduled to be moved on reboot.
File move failed. E:\GOODIES\MACHINE\MACHINE.EXE scheduled to be moved on reboot.
File move failed. E:\GOODIES\MSZONE\ZONEA600.EXE scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Thanks and regards |
01.05.2011, 14:23 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Critical error, desktop icons disappeared, hard disk damaged

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

If the infection prevents you from accessing your Documents/My Documents, please run unhide: Please download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This may take a while.) Vista and 7 users must run the tool as administrator via right-click!
02.05.2011, 08:43 | #7 |
| Critical error, desktop icons disappeared, hard disk damaged

So, Kaspersky apparently found nothing; at least "cure" did not appear, and after the scan I simply restarted. Here is the log:

2011/05/02 09:21:31.0394 1788 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/02 09:21:31.0628 1788 ================================================================================
2011/05/02 09:21:31.0628 1788 SystemInfo:
2011/05/02 09:21:31.0628 1788
2011/05/02 09:21:31.0628 1788 OS Version: 6.0.6002 ServicePack: 2.0
2011/05/02 09:21:31.0628 1788 Product type: Workstation
2011/05/02 09:21:31.0628 1788 ComputerName: BÄR
2011/05/02 09:21:31.0628 1788 UserName: Antonia
2011/05/02 09:21:31.0628 1788 Windows directory: C:\Windows
2011/05/02 09:21:31.0628 1788 System windows directory: C:\Windows
2011/05/02 09:21:31.0628 1788 Processor architecture: Intel x86
2011/05/02 09:21:31.0628 1788 Number of processors: 2
2011/05/02 09:21:31.0628 1788 Page size: 0x1000
2011/05/02 09:21:31.0628 1788 Boot type: Normal boot
2011/05/02 09:21:31.0628 1788 ================================================================================
2011/05/02 09:21:32.0049 1788 Initialize success
2011/05/02 09:21:35.0918 2172 ================================================================================
2011/05/02 09:21:35.0918 2172 Scan started
2011/05/02 09:21:35.0918 2172 Mode: Manual;
2011/05/02 09:21:35.0918 2172 ================================================================================
09:21:43.0500 2172 mfehidk (8e6b4e55d3a33b92693f7081ec018c39) C:\Windows\system32\drivers\mfehidk.sys 2011/05/02 09:21:43.0593 2172 mferkdet (fa097d72a439c3a387fe38a654df44c5) C:\Windows\system32\drivers\mferkdet.sys 2011/05/02 09:21:43.0702 2172 mfetdik (a45d0c099a478de5cbd0d6e8466becd5) C:\Windows\system32\drivers\mfetdik.sys 2011/05/02 09:21:43.0843 2172 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/05/02 09:21:43.0890 2172 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/05/02 09:21:43.0921 2172 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/05/02 09:21:43.0952 2172 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/05/02 09:21:43.0983 2172 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/05/02 09:21:44.0046 2172 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/05/02 09:21:44.0108 2172 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/05/02 09:21:44.0155 2172 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/05/02 09:21:44.0233 2172 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/05/02 09:21:44.0280 2172 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/05/02 09:21:44.0467 2172 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/05/02 09:21:44.0670 2172 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/05/02 09:21:44.0904 2172 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys 2011/05/02 09:21:44.0982 2172 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/05/02 09:21:45.0028 2172 Msfs (a9927f4a46b816c92f461acb90cf8515) 
C:\Windows\system32\drivers\Msfs.sys 2011/05/02 09:21:45.0091 2172 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/05/02 09:21:45.0138 2172 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/05/02 09:21:45.0200 2172 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/05/02 09:21:45.0262 2172 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/05/02 09:21:45.0325 2172 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/05/02 09:21:45.0372 2172 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/05/02 09:21:45.0418 2172 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/05/02 09:21:45.0465 2172 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/05/02 09:21:45.0528 2172 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/05/02 09:21:45.0606 2172 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/05/02 09:21:45.0684 2172 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/05/02 09:21:45.0715 2172 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/05/02 09:21:45.0762 2172 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/05/02 09:21:45.0793 2172 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/05/02 09:21:45.0824 2172 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/05/02 09:21:45.0886 2172 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/05/02 09:21:45.0964 2172 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/05/02 09:21:46.0042 2172 Npfs 
(d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/05/02 09:21:46.0074 2172 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/05/02 09:21:46.0183 2172 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/05/02 09:21:46.0292 2172 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/05/02 09:21:46.0354 2172 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/05/02 09:21:46.0479 2172 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/05/02 09:21:46.0542 2172 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/05/02 09:21:46.0588 2172 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/05/02 09:21:46.0713 2172 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/05/02 09:21:46.0760 2172 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/05/02 09:21:46.0822 2172 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/05/02 09:21:46.0885 2172 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/05/02 09:21:46.0978 2172 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/05/02 09:21:47.0041 2172 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/05/02 09:21:47.0103 2172 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/05/02 09:21:47.0212 2172 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/05/02 09:21:47.0446 2172 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/05/02 09:21:47.0493 2172 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/05/02 09:21:47.0602 
2172 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/05/02 09:21:47.0680 2172 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/05/02 09:21:47.0758 2172 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/05/02 09:21:47.0805 2172 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/05/02 09:21:47.0836 2172 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/05/02 09:21:47.0899 2172 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/05/02 09:21:47.0946 2172 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/05/02 09:21:48.0008 2172 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/05/02 09:21:48.0055 2172 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/05/02 09:21:48.0086 2172 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/05/02 09:21:48.0164 2172 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/05/02 09:21:48.0195 2172 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/05/02 09:21:48.0242 2172 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/05/02 09:21:48.0320 2172 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys 2011/05/02 09:21:48.0538 2172 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/05/02 09:21:48.0601 2172 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/05/02 09:21:48.0679 2172 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2011/05/02 09:21:48.0710 2172 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/05/02 
09:21:48.0772 2172 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/05/02 09:21:48.0835 2172 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/05/02 09:21:48.0882 2172 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/05/02 09:21:48.0960 2172 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/05/02 09:21:49.0022 2172 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/05/02 09:21:49.0069 2172 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/05/02 09:21:49.0100 2172 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/05/02 09:21:49.0178 2172 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/05/02 09:21:49.0209 2172 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/05/02 09:21:49.0240 2172 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/05/02 09:21:49.0318 2172 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/05/02 09:21:49.0381 2172 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/05/02 09:21:49.0459 2172 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/05/02 09:21:49.0724 2172 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys 2011/05/02 09:21:49.0974 2172 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys 2011/05/02 09:21:50.0067 2172 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/05/02 09:21:50.0114 2172 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/05/02 09:21:50.0145 2172 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 
2011/05/02 09:21:50.0176 2172 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/05/02 09:21:50.0286 2172 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/05/02 09:21:50.0442 2172 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/05/02 09:21:50.0504 2172 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/05/02 09:21:50.0551 2172 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/05/02 09:21:50.0582 2172 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/05/02 09:21:50.0644 2172 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/05/02 09:21:50.0707 2172 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/05/02 09:21:50.0800 2172 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/05/02 09:21:50.0847 2172 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/05/02 09:21:50.0878 2172 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/05/02 09:21:50.0925 2172 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/05/02 09:21:51.0003 2172 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/05/02 09:21:51.0081 2172 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/05/02 09:21:51.0128 2172 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/05/02 09:21:51.0190 2172 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/05/02 09:21:51.0253 2172 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/05/02 09:21:51.0315 2172 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 
2011/05/02 09:21:51.0409 2172 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\Windows\system32\Drivers\usbaapl.sys 2011/05/02 09:21:51.0627 2172 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/05/02 09:21:51.0658 2172 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/05/02 09:21:51.0736 2172 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/05/02 09:21:51.0768 2172 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/05/02 09:21:51.0830 2172 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/05/02 09:21:51.0892 2172 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/05/02 09:21:51.0970 2172 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/05/02 09:21:52.0017 2172 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/05/02 09:21:52.0048 2172 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/05/02 09:21:52.0158 2172 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/05/02 09:21:52.0236 2172 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/05/02 09:21:52.0282 2172 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/05/02 09:21:52.0345 2172 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/05/02 09:21:52.0392 2172 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/05/02 09:21:52.0423 2172 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/05/02 09:21:52.0485 2172 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/05/02 09:21:52.0548 2172 volmgrx (23e41b834759917bfd6b9a0d625d0c28) 
2011/05/02 09:21:53.0718 2172 ================================================================================
2011/05/02 09:21:53.0718 2172 Scan finished
2011/05/02 09:21:53.0718 2172 ================================================================================
And unhide has also made my stuff on the desktop visible again!!! Thank you very, very much!!! Waiting for further instructions. Regards |
02.05.2011, 12:46 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!
__________________ Please always post log files in CODE tags |
02.05.2011, 21:56 | #9 |
| OK, I ran CCleaner first and then cofi. Here is the cofi log: Combofix Logfile: Code:
ATTFilter ComboFix 11-05-02.03 - Antonia 02.05.2011 22:41:07.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2037.1137 [GMT 2:00] ausgeführt von:: c:\users\Antonia\Desktop\cofi.exe AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Antonia\AppData\Local\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9} c:\users\Antonia\AppData\Local\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9}\chrome.manifest c:\users\Antonia\AppData\Local\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9}\chrome\content\_cfg.js c:\users\Antonia\AppData\Local\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9}\chrome\content\overlay.xul c:\users\Antonia\AppData\Local\{B0C7B7A6-EEEB-4069-98A8-B662FEF287D9}\install.rdf c:\users\Antonia\AppData\Roaming\Adobe\plugs c:\users\Antonia\AppData\Roaming\Adobe\shed . . ((((((((((((((((((((((( Dateien erstellt von 2011-04-02 bis 2011-05-02 )))))))))))))))))))))))))))))) . . 2011-05-02 20:48 . 2011-05-02 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-02 20:33 . 2011-05-02 20:33 -------- d-----w- c:\program files\CCleaner 2011-05-01 07:44 . 2011-05-01 07:44 -------- d-----w- C:\_OTL 2011-04-27 15:19 . 2011-04-27 15:19 -------- d-----w- c:\users\Antonia\AppData\Roaming\Malwarebytes 2011-04-27 15:19 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-27 15:19 . 2011-04-27 15:19 -------- d-----w- c:\programdata\Malwarebytes 2011-04-27 15:18 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-27 15:18 . 2011-04-29 18:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-27 15:10 . 2011-04-27 15:10 -------- d-----w- c:\programdata\WindowsSearch 2011-04-15 12:12 . 
2011-03-10 17:03 1162240 ----a-w- c:\windows\system32\mfc42u.dll 2011-04-15 12:12 . 2011-03-10 17:03 1136640 ----a-w- c:\windows\system32\mfc42.dll 2011-04-15 12:12 . 2011-02-18 14:03 305152 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-15 12:12 . 2011-02-18 14:03 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-15 12:12 . 2011-02-18 14:03 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-15 12:12 . 2011-03-02 15:44 86528 ----a-w- c:\windows\system32\dnsrslvr.dll 2011-04-15 12:12 . 2009-05-04 09:59 25088 ----a-w- c:\windows\system32\dnscacheugc.exe 2011-04-15 12:12 . 2011-03-03 13:25 2041856 ----a-w- c:\windows\system32\win32k.sys 2011-04-15 12:12 . 2011-03-03 15:42 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-15 12:12 . 2011-02-17 06:23 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-30 14:12 . 2010-05-30 14:10 82143228 ----a-w- c:\program files\McAfee_8.7i_20091202.exe 2010-05-30 13:52 . 2010-05-30 13:52 28534656 ----a-w- c:\program files\AdbeRdr930_de_DE.exe 2010-05-30 13:46 . 2010-05-30 04:14 8188856 ----a-w- c:\program files\Firefox Setup 3.6.3.exe 2009-10-22 18:07 . 2010-05-30 14:07 23864 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\Antonia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\Antonia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\Antonia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-05-20 184320] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-10-22 124240] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "Malwarebytes' Anti-Malware 
(reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] . c:\users\Antonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Antonia\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848] OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiSpywareOverride"=dword:00000001 . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-30 136176] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-30 136176] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-10-22 65448] S2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\engineserver.exe [2009-10-22 21256] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-10-22 70728] . . Inhalt des "geplante Tasks" Ordners . 2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-30 13:01] . 
2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-30 13:01] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank mStart Page = about:blank mWindow Title = Microsoft Internet Explorer uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\users\Antonia\AppData\Roaming\Mozilla\Firefox\Profiles\n1uqdehm.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.net/ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2011-05-02 22:48 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2011-05-02 22:51:36 ComboFix-quarantined-files.txt 2011-05-02 20:51 . Vor Suchlauf: 13 Verzeichnis(se), 63.687.462.912 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 63.683.166.208 Bytes frei . - - End Of File - - 518511D662D78045EE90572AC354B605 Regards |
02.05.2011, 22:02 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OK. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second try, just skip it and run only OSAM. Please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
02.05.2011, 23:27 | #11 |
| Critical error, desktop icons gone, hard disk damaged Yep, GMER won't run. And when I open OSAM, a virus scan warning appears immediately. When I try to run osam.exe as administrator, or open it normally, a window appears saying "The specified device, path, or file cannot be accessed. You may not have sufficient permissions to access the item." Should I go ahead with MBRCheck anyway? Regards |
03.05.2011, 09:06 | #13 |
| Critical error, desktop icons gone, hard disk damaged Oh yes, sorry. So here is the OSAM log: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 10:01:31 on 03.05.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 3.6.17 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "BCMWLCPL.CPL" - "Dell Inc." - C:\Windows\system32\BCMWLCPL.CPL "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "bcmwlcpl.cpl" - "Dell Inc." - C:\Windows\System32\bcmwlcpl.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "BCM42RLY" (BCM42RLY) - ? - C:\Windows\System32\drivers\BCM42RLY.sys (File not found) "catchme" (catchme) - ? - C:\Users\Antonia\AppData\Local\Temp\catchme.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "McAfee Inc. mfeapfk" (mfeapfk) - "McAfee, Inc." 
- C:\Windows\System32\drivers\mfeapfk.sys "McAfee Inc. mfeavfk" (mfeavfk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfeavfk.sys "McAfee Inc. mfebopk" (mfebopk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfebopk.sys "McAfee Inc. mfehidk" (mfehidk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfehidk.sys "McAfee Inc. mferkdet" (mferkdet) - "McAfee, Inc." - C:\Windows\System32\drivers\mferkdet.sys "McAfee Inc. mfetdik" (mfetdik) - "McAfee, Inc." - C:\Windows\System32\drivers\mfetdik.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." 
- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? 
- (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10i.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - "SEIKO EPSON CORPORATION / CyCom Technology Corp." - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - "SEIKO EPSON CORPORATION / CyCom Technology Corp." 
- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {7DB2D5A0-7241-4E79-B68D-6309F01C5231} "scriptproxy" - "McAfee, Inc." - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Antonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Antonia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) "OpenOffice.org 2.4.lnk" - ? - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (Shortcut exists | File exists) "QuickSet.lnk" - "Dell Inc." - C:\Program Files\Dell\QuickSet\quickset.exe (Shortcut exists | File exists) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? 
- rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Broadcom Wireless Manager UI" - "Dell Inc." - C:\Windows\system32\WLTRAY.exe "DELL Webcam Manager" - "Creative Technology Ltd." - "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "McAfeeUpdaterUI" - "McAfee, Inc." - "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey "PCMService" - "CyberLink Corp." - "C:\Program Files\Dell\MediaDirect\PCMService.exe" "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "ShStatEXE" - "McAfee, Inc." - "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Network Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )----- "Dell Wireless WLAN Card Logon Provider" - "Dell Inc." - C:\Windows\System32\BCMLogon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Dell Wireless WLAN Tray Service" (wltrysvc) - ? - C:\Windows\System32\WLTRYSVC.EXE (File found, but it contains no detailed information) "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." 
- C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "McAfee Engine Service" (McAfeeEngineService) - "McAfee, Inc." - C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe "McAfee Framework-Dienst" (McAfeeFramework) - "McAfee, Inc." - C:\Program Files\McAfee\Common Framework\FrameworkService.exe "McAfee McShield" (McShield) - "McAfee, Inc." - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe "McAfee Task Manager" (McTaskManager) - "McAfee, Inc." - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe "McAfee Validation Trust Protection Service" (mfevtp) - "McAfee, Inc." - C:\Windows\system32\mfevtps.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
and MBRCheck:
MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: Dell Inc. BIOS Manufacturer: Dell Inc. System Manufacturer: Dell Inc. 
System Product Name: Inspiron 1525 Logical Drives Mask: 0x0000001c Kernel Drivers (total 144): 0x81E48000 \SystemRoot\system32\ntkrnlpa.exe 0x81E15000 \SystemRoot\system32\hal.dll 0x80408000 \SystemRoot\system32\kdcom.dll 0x8040F000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x8047F000 \SystemRoot\system32\PSHED.dll 0x80490000 \SystemRoot\system32\BOOTVID.dll 0x80498000 \SystemRoot\system32\CLFS.SYS 0x804D9000 \SystemRoot\system32\CI.dll 0x8060A000 \SystemRoot\system32\drivers\Wdf01000.sys 0x80686000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x80693000 \SystemRoot\system32\drivers\acpi.sys 0x806D9000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806E2000 \SystemRoot\system32\drivers\msisadrv.sys 0x806EA000 \SystemRoot\system32\drivers\pci.sys 0x80711000 \SystemRoot\System32\drivers\partmgr.sys 0x80720000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x80723000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x8072D000 \SystemRoot\system32\drivers\volmgr.sys 0x8073C000 \SystemRoot\System32\drivers\volmgrx.sys 0x80786000 \SystemRoot\system32\drivers\intelide.sys 0x8078D000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x8079B000 \SystemRoot\System32\drivers\mountmgr.sys 0x807AB000 \SystemRoot\system32\drivers\atapi.sys 0x807B3000 \SystemRoot\system32\drivers\ataport.SYS 0x807D1000 \SystemRoot\system32\drivers\msahci.sys 0x805B9000 \SystemRoot\system32\drivers\fltmgr.sys 0x807DB000 \SystemRoot\system32\drivers\fileinfo.sys 0x87A0B000 \SystemRoot\System32\Drivers\ksecdd.sys 0x87A7C000 \SystemRoot\system32\drivers\ndis.sys 0x87B87000 \SystemRoot\system32\drivers\msrpc.sys 0x87BB2000 \SystemRoot\system32\drivers\NETIO.SYS 0x87C06000 \SystemRoot\System32\drivers\tcpip.sys 0x87CF0000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x87E03000 \SystemRoot\System32\Drivers\Ntfs.sys 0x87F13000 \SystemRoot\system32\drivers\volsnap.sys 0x87F4C000 \SystemRoot\System32\Drivers\spldr.sys 0x87F54000 \SystemRoot\System32\Drivers\mup.sys 0x87F63000 \SystemRoot\system32\drivers\mfehidk.sys 0x87FB5000 
\SystemRoot\System32\drivers\ecache.sys 0x87FDC000 \SystemRoot\system32\drivers\disk.sys 0x87D0B000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x87FED000 \SystemRoot\system32\drivers\crcdisk.sys 0x87D44000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x87D4F000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x87D58000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x8BC05000 \SystemRoot\system32\DRIVERS\igdkmd32.sys 0x8C2C0000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8C35F000 \SystemRoot\System32\drivers\watchdog.sys 0x8C36B000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8C376000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8C3B4000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x87D67000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8B600000 \SystemRoot\system32\DRIVERS\yk60x86.sys 0x8B64C000 \SystemRoot\system32\DRIVERS\bcmwl6.sys 0x8B74E000 \SystemRoot\system32\DRIVERS\ohci1394.sys 0x8B75E000 \SystemRoot\system32\DRIVERS\1394BUS.SYS 0x8B76C000 \SystemRoot\system32\DRIVERS\sdbus.sys 0x8B786000 \SystemRoot\system32\DRIVERS\rixdptsk.sys 0x8B7D7000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x8C3C3000 \SystemRoot\system32\DRIVERS\Apfiltr.sys 0x8B7EA000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8B7F5000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8C40D000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8C425000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x8C42B000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8C42F000 \SystemRoot\system32\DRIVERS\wmiacpi.sys 0x8C438000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8C467000 \SystemRoot\system32\DRIVERS\storport.sys 0x8C4A8000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8C4B3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8C4CA000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8C4D5000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8C4F8000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8C507000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8C51B000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8C530000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8C540000 
\SystemRoot\system32\DRIVERS\swenum.sys 0x8C542000 \SystemRoot\system32\DRIVERS\ks.sys 0x8C56C000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8C576000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8C583000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8C5B8000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8B80F000 \SystemRoot\system32\DRIVERS\VSTAZL3.SYS 0x8B84B000 \SystemRoot\system32\DRIVERS\VSTDPV3.SYS 0x8C804000 \SystemRoot\system32\DRIVERS\VSTCNXT3.SYS 0x8C8B7000 \SystemRoot\system32\drivers\modem.sys 0x8C8C4000 \SystemRoot\system32\drivers\HdAudio.sys 0x8C903000 \SystemRoot\system32\drivers\portcls.sys 0x8C930000 \SystemRoot\system32\drivers\drmk.sys 0x8C955000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8C95E000 \SystemRoot\System32\Drivers\Null.SYS 0x8C965000 \SystemRoot\System32\Drivers\Beep.SYS 0x8C96C000 \SystemRoot\System32\drivers\vga.sys 0x8C978000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8C999000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8C9A1000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8C9A9000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8C9B4000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8C9C2000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8C9CB000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8C9E1000 \SystemRoot\system32\drivers\mfetdik.sys 0x8B94F000 \SystemRoot\system32\DRIVERS\smb.sys 0x8B963000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8B995000 \SystemRoot\system32\drivers\afd.sys 0x8B9DD000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8C9EF000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8C5C9000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8CA03000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8CA3F000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x8CA56000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x8CA58000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8CA62000 \SystemRoot\System32\Drivers\dfsc.sys 0x8CA79000 \SystemRoot\System32\Drivers\usbvideo.sys 0x8CA9A000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x8CAB0000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8CABD000 
\SystemRoot\System32\Drivers\dump_dumpata.sys 0x8CAC8000 \SystemRoot\System32\Drivers\dump_msahci.sys 0x928B0000 \SystemRoot\System32\win32k.sys 0x8CAD2000 \SystemRoot\System32\drivers\Dxapi.sys 0x8CADC000 \SystemRoot\system32\DRIVERS\monitor.sys 0x92AD0000 \SystemRoot\System32\TSDDD.dll 0x92AF0000 \SystemRoot\System32\cdd.dll 0x8CAEB000 \SystemRoot\system32\drivers\luafv.sys 0x8CB06000 \SystemRoot\system32\drivers\spsys.sys 0x8CBB6000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x8CBC6000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x8CBF0000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x8C5DC000 \SystemRoot\system32\DRIVERS\rspndr.sys 0xA6E07000 \SystemRoot\system32\drivers\HTTP.sys 0xA6E74000 \SystemRoot\System32\DRIVERS\srvnet.sys 0xA6E91000 \SystemRoot\system32\DRIVERS\bowser.sys 0xA6EAA000 \SystemRoot\System32\drivers\mpsdrv.sys 0xA6EBF000 \SystemRoot\system32\drivers\mrxdav.sys 0xA6EE0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xA6EFF000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0xA6F38000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0xA6F50000 \SystemRoot\System32\DRIVERS\srv2.sys 0xA6F78000 \SystemRoot\System32\DRIVERS\srv.sys 0xA6FC7000 \SystemRoot\System32\Drivers\fastfat.SYS 0xA9802000 \SystemRoot\system32\drivers\peauth.sys 0xA98E0000 \SystemRoot\System32\Drivers\secdrv.SYS 0xA98EA000 \SystemRoot\System32\drivers\tcpipreg.sys 0xA9910000 \SystemRoot\system32\drivers\mfeavfk.sys 0x777B0000 \Windows\System32\ntdll.dll Processes (total 68): 0 System Idle Process 4 System 464 C:\Windows\System32\smss.exe 544 csrss.exe 588 C:\Windows\System32\wininit.exe 596 csrss.exe 632 C:\Windows\System32\services.exe 668 C:\Windows\System32\lsass.exe 680 C:\Windows\System32\winlogon.exe 688 C:\Windows\System32\lsm.exe 856 C:\Windows\System32\svchost.exe 916 C:\Windows\System32\svchost.exe 1056 C:\Windows\System32\svchost.exe 1084 C:\Windows\System32\svchost.exe 1104 C:\Windows\System32\svchost.exe 1212 C:\Windows\System32\audiodg.exe 1240 C:\Windows\System32\svchost.exe 1264 
C:\Windows\System32\SLsvc.exe 1284 C:\Windows\System32\svchost.exe 1456 C:\Windows\System32\svchost.exe 1616 C:\Windows\System32\WLTRYSVC.EXE 1628 C:\Windows\System32\BCMWLTRY.EXE 1648 C:\Windows\System32\wlanext.exe 1696 C:\Windows\System32\taskeng.exe 1740 C:\Windows\System32\spoolsv.exe 1832 C:\Windows\System32\svchost.exe 536 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 600 C:\Windows\System32\dwm.exe 716 C:\Program Files\Bonjour\mDNSResponder.exe 1204 C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe 1452 C:\Program Files\McAfee\Common Framework\FrameworkService.exe 1600 C:\Windows\explorer.exe 2080 C:\Windows\System32\taskeng.exe 2100 C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe 2172 C:\Windows\System32\mfevtps.exe 2280 C:\Windows\System32\svchost.exe 2340 naPrdMgr.exe 2484 C:\Windows\System32\svchost.exe 2624 C:\Windows\System32\svchost.exe 2736 C:\Windows\System32\SearchIndexer.exe 2852 C:\Program Files\Dell\MediaDirect\PCMService.exe 2860 C:\Windows\System32\WLTRAY.EXE 2872 C:\Program Files\McAfee\Common Framework\UdaterUI.exe 2896 C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe 2940 shstat.exe 3056 C:\Windows\System32\hkcmd.exe 3064 C:\Windows\System32\igfxpers.exe 3076 C:\Program Files\DellTPad\Apoint.exe 3112 C:\Program Files\iTunes\iTunesHelper.exe 3132 C:\Program Files\Common Files\Java\Java Update\jusched.exe 3200 C:\Program Files\DivX\DivX Update\DivXUpdate.exe 3220 mfeann.exe 3340 C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe 3348 C:\Program Files\Dell\QuickSet\quickset.exe 3392 C:\Windows\System32\igfxsrvc.exe 3572 C:\Program Files\McAfee\Common Framework\McTray.exe 3652 WmiPrvSE.exe 3956 C:\Program Files\iPod\bin\iPodService.exe 4020 C:\Program Files\DellTPad\ApMsgFwd.exe 4072 C:\Program Files\DellTPad\hidfind.exe 2460 C:\Program Files\DellTPad\ApntEx.exe 3228 C:\Users\Antonia\Desktop\osam.exe 1180 C:\Windows\System32\notepad.exe 2556 C:\Program 
Files\Mozilla Firefox\firefox.exe 3540 C:\Windows\System32\SearchProtocolHost.exe 1464 C:\Windows\System32\SearchFilterHost.exe 3272 C:\Users\Antonia\Desktop\MBRCheck.exe 1800 C:\Windows\System32\conime.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`86600000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`06600000 (NTFS) PhysicalDrive0 Model Number: WDCWD1600BEVT-75ZCT1, Rev: 11.01A11 Size Device Name MBR Status -------------------------------------------- 149 GB \\.\PhysicalDrive0 Windows Vista MBR code detected SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979 Done!
Regards |
03.05.2011, 10:49 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Critical error, desktop icons gone, hard disk damaged Looks OK so far. Quote:
__________________ Please always post log files in CODE tags |
03.05.2011, 22:37 | #15 |
| Critical error, desktop icons gone, hard disk damaged All students were able to download it through the university... Is everything really fine again now? Thank you very, very much!!!!! The only remaining problem is that when I click the Windows Start button at the bottom left, it doesn't show my recently used programs, and I always have to go through Search or All Programs to open anything. Is that normal? And at every startup, "blocked startup programs" appears at the bottom right of the taskbar. Should I just click "disable" there? And what do I do with all the programs that are now on the desktop? Should I keep them? Questions upon questions... Regards |