Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Zwei Partitionen komplett gelöscht!

Zwei Partitionen komplett gelöscht!


Log-Analyse und Auswertung: Zwei Partitionen komplett gelöscht!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 17.05.2011, 11:41   #1
HerrBert
 
Zwei Partitionen komplett gelöscht! - Standard

Zwei Partitionen komplett gelöscht!


EDIT: Bitte verschieben, hab aus Versehen das falsche Unterforum ausgewählt.


Hallo zusammen,

ich hoffe ihr könnt mir ein weiteres Mal helfen.
Vorgestern Abend poppte plötzlich mehrmals die Nachricht auf, dass ein Problem mit meinem Speicher besteht, zeitgleich ging Windows Recovery auf und sagt mir nach dem Versuch des fixens, dass dieses nicht möglich sei.

Nach einem Neustart des Rechners war der Bildschirm komplett schwarz und es wurden mir nirgends mehr Symbole angezeigt.

Ich hab dann eine Systemwiederherstellung gemacht, anschließend CCleaner und Malewarebites laufen lassen. Der Rechner läuft seitdem wieder stabil, allerdings sind seitdem 2 Partitionen komplett leer und zwar D: und F:!

Habt ihr eine Ahnung was passiert ist und ob es eine Möglichkeit gibt, wieder an die fehlenden Dateien heranzukommen?


Danke und Grüße

Robert



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6587

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16.05.2011 12:39:20
mbam-log-2011-05-16 (12-39-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 177596
Laufzeit: 2 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\HerrBert\AppData\Local\Temp\jar_cache3901051372662767040.tmp (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\Users\HerrBert\AppData\Local\Temp\ldr821.tmp (Trojan.Agent) -> Quarantined and deleted successfully.OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 17.05.2011 12:26:19 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\HerrBert\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 68,52 Gb Free Space | 70,24% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 90,78 Gb Free Space | 61,97% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 116,72 Gb Free Space | 79,68% Space Free | Partition Type: NTFS
Drive F: | 205,54 Gb Total Space | 181,72 Gb Free Space | 88,41% Space Free | Partition Type: NTFS
 
Computer Name: HERRBERT-PC | User Name: HerrBert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\HerrBert\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\HerrBert\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (DAUpdaterSvc) -- E:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (pgsql-8.3) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.05 13:24:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.05 13:24:43 | 000,000,000 | ---D | M]
 
[2010.02.04 15:50:37 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\HerrBert\AppData\Roaming\mozilla\Extensions
[2011.02.11 14:38:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\HerrBert\AppData\Roaming\mozilla\Firefox\Profiles\lalgv0rp.default\extensions
[2011.05.09 23:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.04.05 13:24:42 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.05 13:24:42 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.05 13:24:42 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.05 13:24:42 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.05 13:24:42 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.19 16:05:24 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.17 12:25:03 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\HerrBert\Desktop\OTL.exe
[2011.04.19 19:22:53 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.19 19:22:53 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.19 19:22:53 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.19 19:22:48 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.19 19:22:48 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.19 19:22:47 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.19 19:22:47 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.19 19:22:43 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.19 19:22:43 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.19 19:22:43 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.19 19:22:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.19 19:22:26 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.04.19 19:22:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.19 19:22:26 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.04.19 19:22:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.19 19:22:26 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.04.19 19:22:26 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.19 19:22:26 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.19 19:22:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.19 19:22:26 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.04.19 19:22:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.19 19:22:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.04.19 19:22:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.04.19 19:22:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.04.19 19:22:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.04.19 19:22:02 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.19 19:22:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.19 19:22:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.19 19:21:56 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.19 19:21:56 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.19 19:21:56 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.19 19:21:56 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.19 19:21:56 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.19 19:21:56 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.19 19:21:56 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.19 19:21:54 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.17 12:24:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\HerrBert\Desktop\OTL.exe
[2011.05.17 12:24:43 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.17 12:24:43 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.17 12:13:35 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.05.17 12:13:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.17 12:13:23 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.16 12:31:24 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.16 12:28:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.05.16 12:15:02 | 000,000,392 | ---- | M] () -- C:\ProgramData\45473528
[2011.05.16 12:12:36 | 000,000,144 | ---- | M] () -- C:\ProgramData\~45473528r
[2011.05.16 12:12:36 | 000,000,120 | ---- | M] () -- C:\ProgramData\~45473528
[2011.05.06 13:09:15 | 001,507,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.06 13:09:15 | 000,657,428 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.06 13:09:15 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.06 13:09:15 | 000,130,818 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.06 13:09:15 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.20 05:21:13 | 000,000,183 | -H-- | M] () -- C:\Users\HerrBert\AppData\Roaming\default.rss
[2011.04.20 05:21:10 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.04.20 03:22:52 | 000,296,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.16 12:31:24 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.16 00:18:06 | 000,000,144 | ---- | C] () -- C:\ProgramData\~45473528r
[2011.05.16 00:18:06 | 000,000,120 | ---- | C] () -- C:\ProgramData\~45473528
[2011.05.16 00:18:03 | 000,000,392 | ---- | C] () -- C:\ProgramData\45473528
[2011.03.01 17:01:46 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.01 17:01:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.01 17:01:46 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.01 17:01:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.01 17:01:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.02.11 13:37:28 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.17 19:06:00 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.02.05 07:24:42 | 000,007,605 | -H-- | C] () -- C:\Users\HerrBert\AppData\Local\Resmon.ResmonCfg
[2010.02.04 19:08:01 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.02.04 19:08:00 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.02.04 19:08:00 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.02.04 16:13:09 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.04 15:50:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.01.27 17:53:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.31 06:23:46 | 000,003,584 | ---- | C] () -- C:\Users\HerrBert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.27 16:42:08 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\pxhpinst.exe
[2009.12.27 09:42:48 | 000,000,183 | -H-- | C] () -- C:\Users\HerrBert\AppData\Roaming\default.rss
[2009.12.27 09:42:17 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.03 15:26:18 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009.11.24 23:58:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.06.21 08:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2005.04.28 06:22:38 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005.04.28 06:22:34 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2005.04.28 06:22:34 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
 
========== LOP Check ==========
 
[2011.05.16 12:36:20 | 000,000,000 | ---D | M] -- C:\Users\HerrBert\AppData\Roaming\Azureus
[2010.04.08 22:44:19 | 000,000,000 | -H-D | M] -- C:\Users\HerrBert\AppData\Roaming\DAEMON Tools Lite
[2011.05.15 22:29:26 | 000,000,000 | -H-D | M] -- C:\Users\HerrBert\AppData\Roaming\DC++
[2010.03.04 19:38:14 | 000,000,000 | -H-D | M] -- C:\Users\HerrBert\AppData\Roaming\ICQ
[2011.05.16 12:19:35 | 000,000,000 | ---D | M] -- C:\Users\HerrBert\AppData\Roaming\Ubisoft
[2011.01.13 15:10:44 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 17.05.2011 12:26:19 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\HerrBert\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 68,52 Gb Free Space | 70,24% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 90,78 Gb Free Space | 61,97% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 116,72 Gb Free Space | 79,68% Space Free | Partition Type: NTFS
Drive F: | 205,54 Gb Total Space | 181,72 Gb Free Space | 88,41% Space Free | Partition Type: NTFS
 
Computer Name: HERRBERT-PC | User Name: HerrBert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0205.1 
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C64AB8C-F78B-45C0-98E3-6DE9702E0225}" = Microsoft Office Live Meeting 2007
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{f127d02d-a8ae-4539-a6a8-e1b8375efae9}" = Nero 9 Trial
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"DC++" = DC++ 0.750
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"PokerStars" = PokerStars
"PunkBusterSvc" = PunkBuster Services
"Steam App 13140" = America's Army 3
"VL Sound 5.1" = VL Sound 5.1
"VLC media player" = VideoLAN VLC media player 0.8.2
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR Archivierer
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 30.08.2010 12:09:20 | Computer Name = HerrBert-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 30.08.2010 12:15:39 | Computer Name = HerrBert-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 31.08.2010 02:54:46 | Computer Name = HerrBert-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 28.09.2010 11:36:22 | Computer Name = HerrBert-PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 13.05.2011 10:35:40 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-13 14:35:40 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
Error - 13.05.2011 12:07:04 | Computer Name = HerrBert-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in  Manifest-
 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error - 13.05.2011 21:17:28 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-14 01:17:28 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
Error - 15.05.2011 12:05:40 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-15 16:05:40 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
Error - 15.05.2011 13:58:04 | Computer Name = HerrBert-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in  Manifest-
 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error - 15.05.2011 18:09:04 | Computer Name = HerrBert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Adobe_Flash_Player.exe, Version: 
1.7.8800.0, Zeitstempel: 0x4d776bb8  Name des fehlerhaften Moduls: Adobe_Flash_Player.exe,
 Version: 1.7.8800.0, Zeitstempel: 0x4d776bb8  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x00001149  ID des fehlerhaften Prozesses: 0x8e4  Startzeit der fehlerhaften Anwendung:
 0x01cc134cb1e94713  Pfad der fehlerhaften Anwendung: C:\Users\HerrBert\AppData\Local\Temp\Adobe_Flash_Player.exe
Pfad
 des fehlerhaften Moduls: C:\Users\HerrBert\AppData\Local\Temp\Adobe_Flash_Player.exe
Berichtskennung:
 f1e2724a-7f3f-11e0-8a3c-00241d2e133e
 
Error - 16.05.2011 06:11:54 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-16 10:11:54 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
Error - 16.05.2011 06:24:56 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-16 10:24:56 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
Error - 16.05.2011 06:40:34 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-16 10:40:34 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
Error - 17.05.2011 06:13:38 | Computer Name = HerrBert-PC | Source = PostgreSQL | ID = 0
Description = 2011-05-17 10:13:38 GMT FATAL:  bogus data in lock file "postmaster.pid":
 "" 
 
[ System Events ]
Error - 30.12.2010 08:59:31 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 30.12.2010 08:59:31 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 31.12.2010 09:04:30 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 31.12.2010 09:04:30 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 31.12.2010 11:51:53 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 31.12.2010 11:51:53 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 31.12.2010 16:47:02 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 31.12.2010 16:47:02 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 01.01.2011 06:11:55 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 01.01.2011 06:11:55 | Computer Name = HerrBert-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
--- --- ---
 

Themen zu Zwei Partitionen komplett gelöscht!
0x00000001, 64-bit, adobe, antivirus, avast, avast!, bildschirm, c:\windows\system32\rundll32.exe, error, excel, explorer, fehler, firefox, flash player, format, jar_cache, logfile, microsoft office word, mozilla, neustart, nicht möglich, nodrives, nvidia, oldtimer, plug-in, problem, programme, realtek, registry, richtlinie, rogue.installer.gen, rundll, searchplugins, security, server, shell32.dll, shortcut, software, sptd.sys, systemwiederherstellung gemacht, syswow64, temp, version., windows


« Fehlermeldungen, XP Recovery , Trojaner? | nach Neustart Bildschirm schwarz, Fehlermeldungen, Festplattencluser defekt »


Ähnliche Themen: Zwei Partitionen komplett gelöscht!


  1. Windows7 Vieren scanner hat win64/Adpeak erkannt aber nicht komplett gelöscht!
    Plagegeister aller Art und deren Bekämpfung - 05.12.2014 (13)
  2. Partitionen verschwunden
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (3)
  3. Partitionen zusammenfügen Win 7
    Alles rund um Windows - 02.03.2014 (3)
  4. iminent virus komplett gelöscht?
    Log-Analyse und Auswertung - 31.08.2013 (15)
  5. ATRAPS.Gen2 und ZeroAccess.Gen in 5 min komplett gelöscht! - was meint ihr?
    Diskussionsforum - 19.01.2013 (5)
  6. Virus nach Entfernen komplett gelöscht?
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (10)
  7. Virus nach Entfernen komplett gelöscht?
    Mülltonne - 21.12.2012 (0)
  8. Virus nach Entfernen komplett gelöscht?
    Mülltonne - 21.12.2012 (0)
  9. Löschen von Partitionen
    Alles rund um Windows - 01.12.2012 (4)
  10. Vista Partitionen
    Alles rund um Windows - 15.06.2012 (6)
  11. Weisser Bildschirm Windows auf zwei Partitionen, eine betroffen, wird aber nicht von OTLPE gescannt
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (1)
  12. [trash] Partition D: komplett gelöscht
    Mülltonne - 09.11.2011 (0)
  13. Security Suite Virus nicht komplett gelöscht
    Log-Analyse und Auswertung - 18.10.2010 (29)
  14. Account wird immer wieder komplett gelöscht. Key Logger?
    Plagegeister aller Art und deren Bekämpfung - 03.08.2009 (3)
  15. HTML/Infected.WebPage.Gen -mit Avira komplett gelöscht??
    Plagegeister aller Art und deren Bekämpfung - 02.05.2009 (0)
  16. Partitionen verschmelzen
    Alles rund um Windows - 16.02.2009 (7)
  17. XP / Format C: / Partitionen
    Alles rund um Windows - 25.10.2003 (11)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Zwei Partitionen komplett gelöscht! - EDIT: Bitte verschieben, hab aus Versehen das falsche Unterforum ausgewählt. Hallo zusammen, ich hoffe ihr könnt mir ein weiteres Mal helfen. Vorgestern Abend poppte plötzlich mehrmals die Nachricht auf, dass - Zwei Partitionen komplett gelöscht!...
Archiv
Du betrachtest: Zwei Partitionen komplett gelöscht! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131