Hallo Cosinus, sorry für die späte Antwort.... Also folgender Sachstand:
Systemstart (normal) von Festplatte:
- System zeigt den Bootscreen und läuft und läuft und läuft... Systemstart (abgesicherter Modus) von Festplatte:
- bootet und bleibt aber dann meist auf dem Desktop hängen Systemstart (abgesicherter Modus mit Netzwerktreibern):
-bootet bleibt aber dann auf dem Desktop hängen Systemstart (Computer reparieren) von Festplatte:
-bricht ab mit Hardwarefehler 0xc00000e9
Systemstart (Computer reparieren) von Win VISTA Recovery CD:
- Funktioniert und läuft durch, dann wieder bei allen anderen Boot Optionen das gleiche Spiel von vorn Hier nochmal eine Log Datei FRST.txt (erstellt mit Win VISTA Recovery CD):
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-10-2013
Ran by SYSTEM on MINWINPC on 30-10-2013 17:11:18
Running from H:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [TPwrMain] - C:\Program Files\Toshiba\Power Saver\TPwrMain.exe [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [571024 2007-05-04] (Toshiba)
HKLM\...\Run: [topi] - C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-29] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation)
HKLM\...\Run: [Seagate Dashboard] - C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2010-04-30] ()
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [NeroCheck] - C:\Windows\system32\\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [Memeo Send] - C:\Program Files\Memeo\Memeo Send\MemeoLauncher.exe [236816 2009-11-05] ()
HKLM\...\Run: [Memeo Instant Backup] - C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-01-24] (Memeo Inc.)
HKLM\...\Run: [Memeo AutoSync] - C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe [144608 2010-04-16] (Memeo Inc.)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1442888 2008-06-10] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [ITSecMng] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe [75136 2007-09-28] ( TOSHIBA CORPORATION)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1406024 2008-06-10] (Microsoft Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\Toshiba\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] - C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe [716800 2008-01-25] (TOSHIBA Corporation.)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [Desktop SMS] - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328 2007-06-18] (Interactive Digital Media)
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696 2007-10-25] (Chicony)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-09-24] (APN)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\Toshiba\FlashCards\TCrdMain.exe [712704 2008-01-22] (TOSHIBA Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2007-12-29] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2007-12-29] ()
HKU\Flo\...\Run: [] - [x]
HKU\Flo\...\Run: [Google Update] - [x]
HKU\Flo\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Flo\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-08-24] (Google Inc.)
HKU\Flo\...\Run: [NTRedirect] - C:\Windows\system32\rundll32.exe "C:\Users\Flo\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKU\Flo\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [ 2012-05-16] (Nokia)
HKU\Flo\...\Run: [ISUSPM] - "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
HKU\Flo\...\Run: [ICQ] - "C:\Program Files\ICQ6.5\ICQ.exe" silent
HKU\Flo\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Flo\...\Policies\system: [LogonHoursAction] 2
HKU\Flo\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{c16c1~1\bitguard.dll [ 2013-10-08] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
========================== Services (Whitelisted) =================
S4 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
S2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-09-24] (APN LLC.)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3032032 2013-10-08] ()
S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2007-12-25] (TOSHIBA CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1836544 2008-02-15] (Google)
S2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-01-24] (Memeo)
S2 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International)
S2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2010-04-30] (Memeo)
S2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{cdd80180-a874-a155-79d3-32d208873e25}\ \...\???\{cdd80180-a874-a155-79d3-32d208873e25}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-10] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-10-10] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 CnxtHdAudAddService; C:\Windows\System32\drivers\CHDART.sys [187904 2008-02-01] (Conexant Systems Inc.)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
S1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
S0 PzWDM; C:\Windows\System32\Drivers\PzWDM.sys [15172 2009-04-11] (Prassi Technology)
S3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [8192 2007-04-09] (TOSHIBA)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-15] (Avira GmbH)
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IntcHdmiAddService; system32\drivers\IntcHdmi.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 xMrMINI; system32\DRIVERS\xMrMini.sys [x]
S3 xVGAMINI; system32\DRIVERS\xVgaMini.sys [x]
S3 xVGAUSB; system32\drivers\xvgausb.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-29 15:45 - 2013-10-29 15:45 - 00000000 ____D C:\FRST
2013-10-10 15:46 - 2013-10-10 15:46 - 100267706 _____ C:\Windows\System32\摒᯽ᰴ˜
2013-10-09 16:09 - 2013-10-21 21:10 - 00000000 ____D C:\Windows\pss
2013-10-09 14:59 - 2013-10-09 15:12 - 00000000 ____D C:\Users\Flo\Desktop\Luminox
2013-10-03 21:32 - 2013-10-09 15:00 - 100146679 _____ C:\Windows\System32\꘦㝋ᰴ¢
2013-10-02 14:29 - 2013-07-31 11:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-10-02 14:29 - 2013-07-31 11:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-10-02 14:29 - 2013-07-31 11:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-10-02 14:29 - 2013-07-31 10:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-10-02 14:29 - 2013-07-31 10:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-10-02 14:29 - 2013-07-31 10:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-10-02 14:29 - 2013-07-31 10:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-10-02 14:29 - 2013-07-31 10:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-10-02 14:29 - 2013-07-31 10:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-10-02 14:29 - 2013-07-31 10:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-10-02 14:29 - 2013-07-31 10:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-10-02 14:29 - 2013-07-31 10:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-10-02 14:29 - 2013-07-31 10:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-10-02 14:29 - 2013-07-31 10:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-10-02 14:29 - 2013-07-31 10:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-10-02 14:29 - 2013-07-31 10:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-10-02 14:03 - 2013-10-02 14:10 - 00000000 ____D C:\Windows\System32\MRT
2013-09-30 21:32 - 2013-09-30 21:32 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Avira
2013-09-30 21:07 - 2013-09-30 21:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-30 21:07 - 2013-09-30 21:07 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-30 21:06 - 2013-09-30 21:06 - 00000000 ____D C:\ProgramData\APN
2013-09-30 21:05 - 2013-10-21 20:33 - 00001852 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-30 21:04 - 2013-10-10 18:14 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-09-30 21:04 - 2013-10-10 18:14 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-09-30 21:04 - 2013-10-10 18:14 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-09-30 21:04 - 2013-08-15 10:26 - 00028520 _____ (Avira GmbH) C:\Windows\System32\Drivers\ssmdrv.sys
2013-09-30 21:03 - 2013-10-21 19:54 - 00000000 ____D C:\ProgramData\Avira
2013-09-30 21:03 - 2013-09-30 21:03 - 00000000 ____D C:\Program Files\Avira
==================== One Month Modified Files and Folders =======
2013-10-30 08:52 - 2008-01-21 08:16 - 01444946 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-30 07:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\System32\LogFiles
2013-10-29 15:45 - 2013-10-29 15:45 - 00000000 ____D C:\FRST
2013-10-21 21:33 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-21 21:33 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-21 21:10 - 2013-10-09 16:09 - 00000000 ____D C:\Windows\pss
2013-10-21 20:37 - 2010-12-14 22:47 - 00325866 _____ C:\Windows\PFRO.log
2013-10-21 20:33 - 2013-09-30 21:05 - 00001852 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-21 19:54 - 2013-09-30 21:03 - 00000000 ____D C:\ProgramData\Avira
2013-10-21 19:14 - 2008-08-08 15:43 - 00007620 _____ C:\Users\Flo\AppData\Local\d3d9caps.dat
2013-10-21 18:50 - 2013-09-22 21:57 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-10 18:14 - 2013-09-30 21:04 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-10-10 18:14 - 2013-09-30 21:04 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-10-10 18:14 - 2013-09-30 21:04 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-10-10 15:46 - 2013-10-10 15:46 - 100267706 _____ C:\Windows\System32\摒᯽ᰴ˜
2013-10-10 14:58 - 2011-03-01 22:04 - 00001027 _____ C:\Users\Flo\Desktop\Seagate Dashboard.lnk
2013-10-10 14:56 - 2008-08-05 18:55 - 00068096 _____ C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-09 16:09 - 2008-08-22 18:34 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-10-09 15:29 - 2008-02-15 18:04 - 00000000 ____D C:\Program Files\Google
2013-10-09 15:28 - 2008-08-04 16:28 - 00000000 ____D C:\Users\Flo\AppData\Local\Google
2013-10-09 15:12 - 2013-10-09 14:59 - 00000000 ____D C:\Users\Flo\Desktop\Luminox
2013-10-09 15:00 - 2013-10-03 21:32 - 100146679 _____ C:\Windows\System32\꘦㝋ᰴ¢
2013-10-09 15:00 - 2008-08-24 19:41 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Skype
2013-10-05 21:55 - 2008-08-04 16:05 - 01796984 _____ C:\Windows\WindowsUpdate.log
2013-10-02 16:24 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-02 16:14 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-10-02 15:56 - 2006-11-02 13:47 - 00460752 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-02 15:52 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-10-02 15:52 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-02 15:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-10-02 14:44 - 2008-02-26 14:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-02 14:10 - 2013-10-02 14:03 - 00000000 ____D C:\Windows\System32\MRT
2013-09-30 21:32 - 2013-09-30 21:32 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Avira
2013-09-30 21:07 - 2013-09-30 21:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-30 21:07 - 2013-09-30 21:07 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-30 21:06 - 2013-09-30 21:06 - 00000000 ____D C:\ProgramData\APN
2013-09-30 21:03 - 2013-09-30 21:03 - 00000000 ____D C:\Program Files\Avira
2013-09-30 19:58 - 2013-03-17 15:27 - 00000000 ____D C:\Users\Flo\Documents\Kontoauszüge
ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini
Files to move or delete:
====================
ZeroAccess:
C:\Users\Flo\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
C:\Users\Flo\AppData\Roaming\cache.dat
Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\AskSLib.dll
C:\Users\Flo\AppData\Local\Temp\avgnt.exe
C:\Users\Flo\AppData\Local\Temp\DivXSetup.exe
C:\Users\Flo\AppData\Local\Temp\h-1286168718.tmp.dll
C:\Users\Flo\AppData\Local\Temp\h-1987662720.tmp.exe
C:\Users\Flo\AppData\Local\Temp\h-218555463.tmp.exe
C:\Users\Flo\AppData\Local\Temp\h-666281693.tmp.exe
C:\Users\Flo\AppData\Local\Temp\h1029146361.tmp.exe
C:\Users\Flo\AppData\Local\Temp\h2053962218.tmp.exe
C:\Users\Flo\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Flo\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Flo\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\msimg32.dll
C:\Users\Flo\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Flo\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Flo\AppData\Local\Temp\Setup_UM_165.exe
C:\Users\Flo\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Flo\AppData\Local\Temp\vc8redist.exe
C:\Users\Flo\AppData\Local\Temp\~tmf3780541788549246657.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
4
Restore point made on: 2013-10-02 13:27:47
Restore point made on: 2013-10-02 13:57:51
Restore point made on: 2013-10-05 21:53:50
Restore point made on: 2013-10-09 15:30:30
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 4093.48 MB
Available physical RAM: 3549.04 MB
Total Pagefile: 3834.13 MB
Available Pagefile: 3672.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.45 MB
==================== Drives ================================
Drive c: (Vista) (Fixed) (Total:117.54 GB) (Free:7.62 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:232.89 GB) (Free:62.93 GB) NTFS
Drive e: (Data) (Fixed) (Total:113.88 GB) (Free:108.71 GB) NTFS
Drive f: (LRMCFRE_DE_DVD) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Drive g: (WinRE) (Fixed) (Total:1.46 GB) (Free:1.24 GB) NTFS
Drive h: (Transcend) (Removable) (Total:7.35 GB) (Free:7.33 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 22741035)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=114 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 233 GB) (Disk ID: 68F4EF2A)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 6F20736B)
No partition Table on disk 2.
Disk 2 is a removable device.
LastRegBack: 2013-10-21 21:19
==================== End Of Log ============================ --- --- --- |