|
WORM/VB.BV.4 --- odbcasvc.exe hi, ich habe zwar schon ein ähnliches Thema hier gefunden, aber es hat mir irgendwie nicht wirklich weitergeholfen... Ich bin mir auch nicht sicher den zu der speziellen Virenbezeichnung (WORM/VB.BV.4) gab es nix zu finden, halt nur unter "odbcasvc.exe". Verzeiht mir wenn es etwas darüber geben sollte. vll einfach verlinken. Danke... Habe gestern von einem Bekannten einige wav. files via USB-stick auf meinen Rechner gezogen und beim nächsten neustart spielte mein Antivir verrückt. Danach erzähle er mir im übrigen das er kein Virusprogramm auf seinem Rechner hat =) Es kamen mehrmals die Meldungen: Enthält Erkennungsmuster des Wurmes WORM/VB.BV.4 Quelle: C:\WINDOWS\system32\odbcasvc.exe und Enthält Erkennungsmuster des Wurmes WORM/VB.BV.4 Quelle: H:\Recycled\INFO.EXE (Laufwerk H = USB Stick) Ich habe seit dem Probleme im Arbeitsplatz. Ich kann keine Festplatten von da aus mehr öffnen indem ich direkt auf das Festplattensymbol drücke. kann man das Problem ohne Format C beheben?? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:32:58, on 30.09.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\SyncroSoft\Pos\H2O\cledx.exe C:\WINDOWS\system32\DeltTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Rainlendar2\Rainlendar2.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Bonjour\mDNSResponder.exe C:\WINDOWS\SYSTEM32\odbcasvc.EXE C:\WINDOWS\System32\TUProgSt.exe C:\Programme\Miranda IM\miranda32.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe c:\programme\avira\antivir desktop\avcenter.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w*w.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ht*p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ht*p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ht*p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ht*p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - ht*p://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - ht*p://lads.myspace.com/upload/MySpaceUploader2.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - ht*p://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ODBC Administration Service (odbcasvc) - Unknown owner - C:\WINDOWS\SYSTEM32\odbcasvc.EXE O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 5150 bytes Hoffe ihr könnt mir weiterhelfen... Vielen dank schonmal. lg |
Hallo und :hallo: Klicke auf "Für alle Neuen" in meiner Signatur, lies alles aufmerksam und arbeite die komplette Liste unter Punkt 2 ab. ciao, andreas |
hi hi =) ist sogar schon mein 2. post... hab ich schon... hab ich was falsch gemacht? habe dieses Malwareprogramm nicht geladen weils ja ein wurm ist.. oder lieg ich da falsch?` hier noch von dem anderen Program: Logfile of random's system information tool 1.06 (written by random/random) Run by Optimus Prime at 2009-09-30 17:24:16 Microsoft Windows XP Professional Service Pack 3 System drive C: has 36 GB (72%) free of 50 GB Total RAM: 3327 MB (81% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:24:23, on 30.09.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\SyncroSoft\Pos\H2O\cledx.exe C:\WINDOWS\system32\DeltTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Rainlendar2\Rainlendar2.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Bonjour\mDNSResponder.exe C:\WINDOWS\SYSTEM32\odbcasvc.EXE C:\WINDOWS\System32\TUProgSt.exe C:\Programme\Miranda IM\miranda32.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Yahoo!\Companion\Installs\cpn\ytbb.exe c:\programme\avira\antivir desktop\avcenter.exe C:\Programme\Internet Explorer\iexplore.exe C:\Dokumente und Einstellungen\Optimus Prime\Desktop\RSIT.exe C:\Programme\Trend Micro\HijackThis\Optimus Prime.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ODBC Administration Service (odbcasvc) - Unknown owner - C:\WINDOWS\SYSTEM32\odbcasvc.EXE O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 5823 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\1-Klick-Wartung.job C:\WINDOWS\tasks\User_Feed_Synchronization-{F874206D-C7C7-444B-88BB-4907B79F8EFE}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "H2O"=C:\Programme\SyncroSoft\Pos\H2O\cledx.exe [2005-10-23 385024] "DeltTray"=C:\WINDOWS\system32\DeltTray.exe [2004-08-26 56320] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Rainlendar2"=C:\Programme\Rainlendar2\Rainlendar2.exe [2009-02-21 4333568] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Miranda IM\miranda32.exe"="C:\Programme\Miranda IM\miranda32.exe:*:Enabled:Miranda IM" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Dokumente und Einstellungen\Optimus Prime\Desktop\CryptLoad_1.1.6\RouterClient.exe"="C:\Dokumente und Einstellungen\Optimus Prime\Desktop\CryptLoad_1.1.6\RouterClient.exe:*:Enabled:RouterClient" "C:\Dokumente und Einstellungen\Optimus Prime\Desktop\CryptLoad_1.1.6\CryptLoad.exe"="C:\Dokumente und Einstellungen\Optimus Prime\Desktop\CryptLoad_1.1.6\CryptLoad.exe:*:Enabled:CryptLoad" "C:\Dokumente und Einstellungen\Optimus Prime\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Dokumente und Einstellungen\Optimus Prime\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56990a3c-5751-11de-b383-0023546ad63d}] shell\1\command - .\recycled\info.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\recycled\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59a9f0f8-ad35-11de-b466-0023546ad63d}] shell\1\command - .\recycled\info.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\recycled\info.exe ======File associations====== .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2009-09-30 17:24:16 ----D---- C:\rsit 2009-09-30 16:43:07 ----D---- C:\Dokumente und Einstellungen\Optimus Prime\Anwendungsdaten\Yahoo! 2009-09-30 16:43:07 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Yahoo! Companion 2009-09-30 16:43:06 ----D---- C:\Programme\Yahoo! 2009-09-30 16:43:04 ----D---- C:\Programme\CCleaner 2009-09-30 16:32:45 ----D---- C:\Programme\Trend Micro 2009-09-29 22:32:18 ----RSHD---- C:\WINDOWS\system32\Recycled 2009-09-29 22:31:46 ----A---- C:\WINDOWS\system32\odbcasvc.exe 2009-09-29 22:31:45 ----A---- C:\WINDOWS\uda.exe 2009-09-16 22:10:14 ----D---- C:\Dokumente und Einstellungen\Optimus Prime\Anwendungsdaten\TeamViewer 2009-09-16 08:45:06 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan 2009-09-16 08:44:38 ----D---- C:\Programme\NOS 2009-09-16 08:44:38 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS ======List of files/folders modified in the last 1 months====== 2009-09-30 17:24:14 ----D---- C:\WINDOWS\Prefetch 2009-09-30 16:56:10 ----D---- C:\WINDOWS\Temp 2009-09-30 16:56:10 ----D---- C:\WINDOWS\Debug 2009-09-30 16:56:10 ----D---- C:\WINDOWS 2009-09-30 16:43:06 ----RD---- C:\Programme 2009-09-30 16:16:43 ----D---- C:\WINDOWS\system32\CatRoot2 2009-09-30 09:06:49 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-09-29 23:49:11 ----A---- C:\WINDOWS\winamp.ini 2009-09-29 22:32:18 ----D---- C:\WINDOWS\system32 2009-09-29 22:31:47 ----D---- C:\WINDOWS\Microsoft.NET 2009-09-29 22:31:29 ----A---- C:\WINDOWS\win.ini 2009-09-29 13:40:15 ----D---- C:\Programme\Mozilla Firefox 2009-09-22 13:06:56 ----D---- C:\Dokumente und Einstellungen\Optimus Prime\Anwendungsdaten\vlc 2009-09-18 14:48:48 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-09-17 21:06:58 ----D---- C:\Dokumente und Einstellungen\Optimus Prime\Anwendungsdaten\Adobe 2009-09-10 00:54:08 ----HD---- C:\WINDOWS\inf ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244] R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-06 55656] R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792] R3 DELTA;Service for Delta Driver (WDM); C:\WINDOWS\system32\DRIVERS\delta.sys [2004-09-10 291456] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 MIDUSB;Driver for MidiStuio-2; C:\WINDOWS\System32\Drivers\mstud-2drv.sys [2005-11-04 17920] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-07-01 108800] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S3 a174kyt5;a174kyt5; C:\WINDOWS\system32\drivers\a174kyt5.sys [] S3 DELTAII;Service for M-Audio Delta Driver (WDM); C:\WINDOWS\system32\DRIVERS\deltaII.sys [] S3 MagixASIODrv;MAGIX_ASIO_BoostDriver; \??\E:\Music Programme\samplitude 9\mxasio.sys [] S3 MusCAudio;MusCAudio; C:\WINDOWS\system32\drivers\MusCAudio.sys [2009-05-28 23096] S3 MusCVideo;MusCVideo; C:\WINDOWS\system32\DRIVERS\MusCVideo.sys [2009-05-28 3768] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-06 185089] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Programme\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004] R2 odbcasvc;ODBC Administration Service; C:\WINDOWS\SYSTEM32\odbcasvc.EXE [2006-11-23 93612] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-07-02 604416] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 Adobe LM Service;Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-05-28 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-28 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-02 361216] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880] -----------------EOF----------------- alles ok? |
info.txt logfile of random's system information tool 1.06 2009-09-30 17:24:23 ======Uninstall list====== Drums Overkill-->E:\MUSICP~1\BESTSE~1\DRUMSO~1\UNWISE.EXE E:\MUSICP~1\BESTSE~1\DRUMSO~1\INSTALL.LOG -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Audition 3.0-->msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Programme\NOS\bin\getPlus_Helper.dll",Uninstall /Get1 Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312} Adobe Reader 9.1.3 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001} Adobe Setup-->MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Antares Auto-Tune v4.39-->E:\MUSICP~1\ANTARE~1\AUTO-T~1\AIRLOG~1\AT4\UNWISE.EXE E:\MUSICP~1\ANTARE~1\AUTO-T~1\AIRLOG~1\AT4\INSTALL.LOG Antares Autotune VST RTAS TDM v5.08-->"C:\Programme\Antares Audio Technologies\unins000.exe" Applied Accoustics String Studio VS 1 VST DX v1.0-->E:\MUSICP~1\APPLIE~1\STRING~1.0\UNWISE.EXE E:\MUSICP~1\APPLIE~1\STRING~1.0\INSTALL.LOG Applied Accoustics UltraAnalog VA-1 v1.01-->E:\MUSICP~1\APPLIE~1\ULTRAA~1.0\UNWISE.EXE E:\MUSICP~1\APPLIE~1\ULTRAA~1.0\INSTALL.LOG Applied Acoustics Lounge Lizard EP VSTi DXi v3.0-->E:\MUSICP~1\APPLIE~1\LOUNGE~1.0\UNWISE.EXE E:\MUSICP~1\APPLIE~1\LOUNGE~1.0\INSTALL.LOG Applied Acoustics Systems - Strum Acoustic GS-1 v1.0-->E:\Music Programme\Applied Acoustic Systems\Strum Acoustic GS-1\Uninstall.exe Applied Acoustics Systems - Strum Electric GS-1 v1.0-->E:\Music Programme\Applied Acoustic Systems\Strum Electric GS-1\Uninstall.exe Arturia Minimoog V v1.0-->E:\MUSICP~1\Arturia\MINIMO~1\UNWISE.EXE E:\MUSICP~1\Arturia\MINIMO~1\INSTALL.LOG ASIO4ALL-->E:\Music Programme\ASIO4ALL v2\uninstall.exe Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE Best Service Artist Drums-->E:\MUSICP~1\BESTSE~1\ARTIST~1\UNWISE.EXE E:\MUSICP~1\BESTSE~1\ARTIST~1\INSTALL.LOG Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi REPACK-->E:\MUSICP~1\Cakewalk\Z3TA_~1\UNWISE.EXE E:\MUSICP~1\Cakewalk\Z3TA_~1\INSTALL.LOG CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe" CDXtract 4.5-->C:\Programme\CDXTRACT4\unins000.exe CM Vocoder-->C:\Programme\CM Vocoder\uninstall.exe ConvertHelper 2.2-->"C:\Programme\ConvertHelper\unins000.exe" CS-80V 1.6-->"E:\Music Programme\Arturia\CS-80V\unins000.exe" Delta-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A4810699-E859-43A6-8F40-1743873E72AB}\setup.exe" -l0x9 Dimension Pro-->"E:\Music Programme\Cakewalk\Dimension Pro\unins000.exe" DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN DSP/FX v6.003-->C:\WINDOWS\UnDsp.exe East West EWQLSO Silver Edition-->E:\MUSICP~1\EASTWE~1\EWQLSO~1\UNWISE.EXE E:\MUSICP~1\EASTWE~1\EWQLSO~1\INSTALL.LOG Edirol HQ Orchestral VSTi v1.03-->E:\MUSICP~1\Edirol\ORCHES~1.03\UNWISE.EXE E:\MUSICP~1\Edirol\ORCHES~1.03\INSTALL.LOG Edirol Hyper Canvas v1.53-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Edirol\EDIROL~1\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Edirol\EDIROL~1\INSTALL.LOG Edirol Super Quartet v1.52 TALiO-->E:\MUSICP~1\Edirol\SUPERQ~1.52\UNWISE.EXE E:\MUSICP~1\Edirol\SUPERQ~1.52\INSTALL.LOG Emagic Logic Audio Platinum 5.5.1-->E:\MUSICP~1\LOGICA~1.01\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\INSTALL.LOG FL Studio 8-->E:\Music Programme\Image-Line\FL Studio 8\uninstall.exe Futureaudioworkshop Circle VSTi RTAS v1.02-->"C:\Programme\FAW\Circle\Uninstall\unins000.exe" GFORCE_SOFTWARE_MINIMONSTA_RTAS_VSTi_v1.06-PLZ-->E:\MUSICP~1\GFORCE~1\MINIMO~1\UNWISE.EXE E:\MUSICP~1\GFORCE~1\MINIMO~1\INSTALL.LOG G-sonique Alien303 VSTi-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\G-SONI~1\Alien303\UNINST~1\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\G-SONI~1\Alien303\UNINST~1\INSTALL.LOG G-Sonique Dubmaster Liquid Delay VST 1.0-->"C:\Programme\G-Sonique\Uninstall\unins000.exe" G-sonique Pultronic EQ-110P VST 1.0-->"C:\Programme\G-Sonique\Uninstall\unins001.exe" G-sonique Renegade VSTi-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\G-SONI~1\Renegade\UNINST~1\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\G-SONI~1\Renegade\UNINST~1\INSTALL.LOG G-Sonique XBass 4000 Analog Bass Saturation VST 1.0-->"C:\Programme\G-Sonique\Uninstall\unins002.exe" HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall IL Download Manager-->C:\Programme\Image-Line\Downloader\uninstall.exe Image Line ToxicIII v1.41 VSTi-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\IMAGE-~1\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\IMAGE-~1\INSTALL.LOG Image-Line PoiZone v2.1-->C:\PROGRA~1\IMAGE-~1\PoiZone\UNINST~1\UNWISE.EXE C:\PROGRA~1\IMAGE-~1\PoiZone\UNINST~1\INSTALL.LOG ImgBurn-->"C:\Programme\ImgBurn\uninstall.exe" Infineon USB driver 1.0.0.6-->"C:\Programme\infineon\FlashUtility\drivers\Infineon USB driver\V1.0.0.6\unins000.exe" Kjaerhus Audio Golden Audio Channel GAC-1 v1.03 VST-->E:\MUSICP~1\KJAERH~1\GAC-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\GAC-1\INSTALL.LOG Kjaerhus Audio Golden Audio Gate GAG-1 v1.01 VST-->E:\MUSICP~1\KJAERH~1\GAG-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\GAG-1\INSTALL.LOG Kjaerhus Audio Golden Compressor GCO-1 v1.12 VST-->E:\MUSICP~1\KJAERH~1\GCO-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\GCO-1\INSTALL.LOG Kjaerhus Audio Golden Modulator GMO-1 v1.21 VST-->E:\MUSICP~1\KJAERH~1\GMO-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\GMO-1\INSTALL.LOG Kjaerhus Audio Golden Peak-Pressor GPP-1 v1.11 VST-->E:\MUSICP~1\KJAERH~1\GPP-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\GPP-1\INSTALL.LOG Kjaerhus Audio Golden Uni-Pressor GUP-1 v1.02 VST-->E:\MUSICP~1\KJAERH~1\GUP-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\GUP-1\INSTALL.LOG Kjaerhus Audio MPL-1 v1.02 VST-->E:\MUSICP~1\KJAERH~1\MPL-1\UNWISE.EXE E:\MUSICP~1\KJAERH~1\MPL-1\INSTALL.LOG Kjaerhus Audio Spectra v1.10 VSTi-->E:\MUSICP~1\KJAERH~1\Spectra\UNWISE.EXE E:\MUSICP~1\KJAERH~1\Spectra\INSTALL.LOG Korg Legacy Collection v1.0.0.2-->E:\MUSICP~1\KORG\KORGLE~1\UNWISE.EXE E:\MUSICP~1\KORG\KORGLE~1\INSTALL.LOG LG USB Modem driver-->"C:\Programme\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -runfromtemp -l0x0007LG -removeonly LinPlug SaxLab-->E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Saxlab 1.4\UninstalSaxLab.exe Live 8.0.4-->E:\MUSICP~1\Ableton\LIVE80~1.4\Install\UNWISE.EXE E:\MUSICP~1\Ableton\LIVE80~1.4\Install\INSTALL.LOG LUXONIX Purity VSTi v1.03-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Luxonix\Uninstall\unins000.exe" LUXONIX ravity-->"C:\WINDOWS\IFinst27.exe" -UE:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Luxonix\IFU82.inf Melodyne 3.1-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}\setup.exe" -l0x9 -removeonly Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{9309DD7E-EBFE-3C95-8B47-30D3A012F606} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{A1071AEB-B0EF-3F5F-BC84-83A270EBE496} Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783} Microsoft .NET Framework 3.5 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack - deu-->MsiExec.exe /I{1545207E-C6F3-31D7-9918-BDBB65075FBF} Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Miranda IM 0.8.7-->C:\Programme\Miranda IM\Uninstall.exe Morphine-->E:\Music Programme\Image-Line\Morphine\uninstall.exe Mozilla Firefox (3.0.14)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe MP4 MP3 Converter 3.1 build 827-->C:\Programme\HooTech\MP4_MP3\uninst.exe MusicLab RealGuitar 2.0-->"E:\Music Programme\MusicLab\RealGuitar2\Uninstall.exe" "E:\Music Programme\MusicLab\RealGuitar2\install.log" Native Instruments Guitar Combos DXi RTAS VST v1.0.0.009-->E:\MUSICP~1\NATIVE~1\GUITAR~1\UNWISE.EXE E:\MUSICP~1\NATIVE~1\GUITAR~1\INSTALL.LOG Native Instruments Pro-53-->E:\MUSICP~1\NATIVE~1\Pro-53\UNWISE.EXE E:\MUSICP~1\NATIVE~1\Pro-53\INSTALL.LOG Native Instruments Vokator-->E:\MUSICP~1\NATIVE~1\Vokator\UNWISE.EXE E:\MUSICP~1\NATIVE~1\Vokator\INSTALL.LOG NomadFactory Blue Tubes Analog TrackBox VST RTAS v1.3-->"C:\Programme\Nomad Factory\Blue Tubes Analog TrackBox\Uninstall\unins000.exe" NomadFactory Blue Tubes Dynamics Pack VST RTAS v3.2-->"C:\Programme\Nomad Factory\Blue Tubes Dynamics Pack\Uninstall\unins000.exe" NomadFactory Blue Tubes Effects Pack VST RTAS v3.2-->"C:\Programme\Nomad Factory\Blue Tubes Effects Pack\Uninstall\unins000.exe" NomadFactory Blue Tubes Equalizers Pack VST RTAS v3.2-->"C:\Programme\Nomad Factory\Blue Tubes Equalizers Pack\Uninstall\unins000.exe" NomadFactory BlueVerb DRV-2080 VST RTAS v1.4-->"C:\Programme\Nomad Factory\BlueVerb DRV-2080\Uninstall\unins000.exe" NomadFactory Essential Studio Suite VST RTAS v1.5-->"C:\Programme\Nomad Factory\Essential Studio Suite\Uninstall\unins000.exe" NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3-->"C:\Programme\Nomad Factory\Limiting Amplifier LM-662\Uninstall\unins000.exe" NomadFactory Liquid Bundle VST RTAS v2.4-->"C:\Programme\Nomad Factory\Liquid Bundle\Uninstall\unins000.exe" NomadFactory Program Equalizer EQP-4 VST RTAS v1.3-->"C:\Programme\Nomad Factory\Program Equalizer EQP-4\Uninstall\unins000.exe" NomadFactory Retrology M-Tone EQ VST RTAS v1.0-->"C:\Programme\Nomad Factory\Uninstall\unins000.exe" NomadFactory Rock Amp Legends VST RTAS v1.5-->"C:\Programme\Nomad Factory\Rock Amp Legends\Uninstall\unins000.exe" NomadFactory Studio Channel SC-226 VST RTAS v1.3-->"C:\Programme\Nomad Factory\Studio Channel SC-226\Uninstall\unins000.exe" NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI Ohm Force - Symptohm VST2-->C:\WINDOWS\unvise32.exe E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Ohmforce\Ohm Force\Symptohm VST2\uninstal.log OrangeVocoder VST 2.02-->C:\WINDOWS\iun6002.exe "E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Vocoder\OrangeVocoder VST\irunin.ini" PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PoiZone-->C:\Programme\Image-Line\PoiZone\uninstall.exe PROSONIQ Timefactory II-->C:\WINDOWS\uninst.exe -f"e:\music programme\PROSONIQ PRODUCTS SOFTWARE\PROSONIQ Timefactory II\DeIsL1.isu" -c"e:\music programme\PROSONIQ PRODUCTS SOFTWARE\PROSONIQ Timefactory II\_ISREG32.DLL" Rainlendar2 (remove only)-->"C:\Programme\Rainlendar2\uninst.exe" Rapture 1.1-->"E:\Music Programme\Cakewalk\Rapture\unins000.exe" RAR Password Cracker 4.12-->C:\Programme\RAR Password Cracker\uninstall.exe RealStrat 1.0-->"E:\Music Programme\MusicLab\RealStrat\Uninstall.exe" "E:\Music Programme\MusicLab\RealStrat\install.log" -u REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Programme\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -l0x0007 -removeonly reFX Nexus 1.3.0-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\ReFx\Nexus\unins000.exe" ReFX PlastiCZ VSTi v1.02-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\ReFx\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\ReFx\INSTALL.LOG reFX quadraSID 1.6.0-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\ReFx\unins001.exe" reFX Vanguard 1.7.2-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\ReFx\unins000.exe" Rob Papen Albino 3-->E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Rob Papen\UninstalAlbino3.exe Rob Papen BLUE Version 1.6.3b-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Rob Papen\unins001.exe" Rob Papen Predator V1.1.0-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Rob Papen\unins000.exe" Robotronic-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Vocoder\SUGARB~1\ROBOTR~1\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Vocoder\SUGARB~1\ROBOTR~1\INSTALL.LOG SampleTank 2.5-->C:\Programme\InstallShield Installation Information\{6559654F-2F38-491F-8411-211517C3E635}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly Samplitude SE No.9 9.1.1.1 (US)-->E:\Music Programme\samplitude 9\instslct.exe Sonalksis Plug-Ins for Windows 1.28-->"C:\WINDOWS\unins000.exe" Sonicism Vocoder DX v1.0.2 Build 1-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Vocoder\SONICI~1.2BU\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Vocoder\SONICI~1.2BU\INSTALL.LOG Sonik Synth 2-->E:\MUSICP~1\IKMULT~1\SONIKS~1\UNWISE.EXE E:\MUSICP~1\IKMULT~1\SONIKS~1\INSTALL.LOG Steinberg Cubase SX v3.1.1.944-->E:\MUSICP~1\STEINB~1\CUBASE~1\UNWISE.EXE E:\MUSICP~1\STEINB~1\CUBASE~1\INSTALL.LOG Studio Instruments 1.0-->"C:\Programme\Cakewalk\Studio Instruments\unins000.exe" SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0 SyncroSoft Emu (Remove only)-->C:\Programme\SyncroSoft\Pos\H2O\Uninst.exe Syncrosofts Lizenz Kontrolle-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG Tassman 4.0-->E:\MUSICP~1\APPLIE~1\TASSMA~1.0\UNWISE.EXE E:\MUSICP~1\APPLIE~1\TASSMA~1.0\INSTALL.LOG TC Native Bundle v3.1-->E:\MUSICP~1\TCWorks\UNINST~1\UNWISE.EXE E:\MUSICP~1\TCWorks\UNINST~1\INSTALL.LOG timeworks Delay 6022 - OxYGeN-->E:\MUSICP~1\TIMEWO~1\DELAY6~1\UNWISE.EXE E:\MUSICP~1\TIMEWO~1\DELAY6~1\INSTALL.LOG Timeworks Millenium Pack-->E:\MUSICP~1\TIMEWO~1\UNWISE.EXE E:\MUSICP~1\TIMEWO~1\INSTALL.LOG timeworks Reverb 4080L-->C:\WINDOWS\IsUninst.exe -f"e:\music programme\timeworks\Reverb 4080L\Uninst.isu" Toxic Biohazard-->C:\Programme\Image-Line\Toxic Biohazard\uninstall.exe T-RackS 3 Deluxe-->C:\Programme\InstallShield Installation Information\{423C4130-EBC3-410A-B3A0-37BBF9D607D5}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly TrancerOne Vers. 1.0-->"E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\TrancerOne\unins000.exe" TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} Ultra focus-->C:\WINDOWS\unvise32.exe C:\Programme\uninstal.log URS Classic Console Strip Pro VST RTAS v1.0-->"C:\Programme\URS Plugins\Uninstall\unins000.exe" VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VLC media player 1.0.0-->C:\Programme\VideoLAN\VLC\uninstall.exe Waldorf.D-Coder.v1.0.VSTi.for.TC.Powercore-->E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Vocoder\WALDOR~1\UNWISE.EXE E:\MUSICP~1\LOGICA~1.01\VSTPLU~1\Vocoder\WALDOR~1\INSTALL.LOG Waves Diamond Bundle v5.2-->E:\MUSICP~1\Waves\DIAMON~1\UNWISE.EXE E:\MUSICP~1\Waves\DIAMON~1\INSTALL.LOG Waves SSL Collection v1.2-->E:\MUSICP~1\WAVESS~1\AIRLOG~1\WAVESS~1.2\UNWISE.EXE E:\MUSICP~1\WAVESS~1\AIRLOG~1\WAVESS~1.2\INSTALL.LOG Way Out Ware TimewARP2600 v1.15-->E:\MUSICP~1\WAYOUT~1\TIMEWA~1\UNINST~1\UNWISE.EXE E:\MUSICP~1\WAYOUT~1\TIMEWA~1\UNINST~1\INSTALL.LOG Winamp (remove only)-->"C:\Programme\Winamp\UninstWA.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\flashusb_EFF3D5DA9EC1B1A0EA5C0ADDFE5BC5354287B32D\flashusb.inf WinRAR-->C:\Programme\WinRAR\uninstall.exe XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: NOORG-D6D73C2FC Event Code: 7036 Message: Dienst "Windows CardSpace" befindet sich jetzt im Status "Ausgeführt". Record Number: 8515 Source Name: Service Control Manager Time Written: 20090817195218.000000+120 Event Type: Informationen User: Computer Name: NOORG-D6D73C2FC Event Code: 7035 Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Windows CardSpace" gesendet. Record Number: 8514 Source Name: Service Control Manager Time Written: 20090817195218.000000+120 Event Type: Informationen User: NOORG-D6D73C2FC\Optimus Prime Computer Name: NOORG-D6D73C2FC Event Code: 26 Message: Anwendungspopup: Windows - Datenverlust beim Schreiben: Es konnten nicht alle Daten für die Datei H: gespeichert werden. Die Daten gingen verloren. Mögliche Ursache könnten Computerhardware oder Netzwerkverbindungen sein. Versuchen Sie, die Dateien woanders zu speichern. Record Number: 8513 Source Name: Application Popup Time Written: 20090817171716.000000+120 Event Type: Informationen User: Computer Name: NOORG-D6D73C2FC Event Code: 50 Message: {Datenverlust beim Schreiben} Nicht alle Daten für Datei "" wurden gespeichert. Die Daten gingen verloren. Mögliche Ursachen sind Computerhardware oder die Netzwerkverbindung. Geben Sie einen anderen Dateipfad an. Record Number: 8512 Source Name: Fastfat Time Written: 20090817171716.000000+120 Event Type: Warnung User: Computer Name: NOORG-D6D73C2FC Event Code: 7036 Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet". Record Number: 8511 Source Name: Service Control Manager Time Written: 20090817171512.000000+120 Event Type: Informationen User: =====Application event log===== Computer Name: NOORG-D6D73C2FC Event Code: 100 Message: wuauclt (3592) Das Datenbankmodul 5.01.2600.5512 ist gestartet. Record Number: 653 Source Name: ESENT Time Written: 20090617224830.000000+120 Event Type: Informationen User: Computer Name: NOORG-D6D73C2FC Event Code: 4113 Message: AntiVir erkannte in der Datei E:\Music Programme\Logic 5.5\Xskey.dll verdächtigen Code mit der Bezeichnung 'HEUR/Crypted'! Record Number: 652 Source Name: Avira AntiVir Time Written: 20090617224830.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: NOORG-D6D73C2FC Event Code: 4113 Message: AntiVir erkannte in der Datei E:\Music Programme\Logic 5.5\Xskey.dll verdächtigen Code mit der Bezeichnung 'HEUR/Crypted'! Record Number: 651 Source Name: Avira AntiVir Time Written: 20090617224827.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: NOORG-D6D73C2FC Event Code: 4096 Message: Der AntiVir Dienst wurde erfolgreich gestartet! Record Number: 650 Source Name: Avira AntiVir Time Written: 20090617224746.000000+120 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: NOORG-D6D73C2FC Event Code: 1800 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 649 Source Name: SecurityCenter Time Written: 20090617224745.000000+120 Event Type: Informationen User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\DivX Shared\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=1707 "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- |
Zitat:
Zitat:
1.) Start => Ausführen => cmd (eintippeln) => OK Code: sc stop odbcasvc [Enter]ciao, andreas |
Ja hab halt nicht so gründlich gelesen=) ok habe 1. erledigt und danach den Malwaretest gemacht. hier der log: Malwarebytes' Anti-Malware 1.41 Datenbank Version: 2877 Windows 5.1.2600 Service Pack 3 30.09.2009 17:51:56 mbam-log-2009-09-30 (17-51-50).txt Scan-Methode: Quick-Scan Durchsuchte Objekte: 89341 Laufzeit: 2 minute(s), 31 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 2 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 2 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\odbcasvc (Malware.Packer) -> No action taken. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\WINDOWS\system32\odbcasvc.exe (Malware.Packer) -> No action taken. ps beim scan ist der gleiche Virus wieder aufgepopt. Also bei Antivir... gruß |
Du musst bei Malwarebytes auch alles Löschen lassen (so wie es in der Anleitung steht), ausserdem solltest du einen vollständigen Scan machen (so wie es in der Anleitung steht). Also gleich nocheinmal. :) ciao, andreas |
:twak: bin dabei! |
Nicht so dolle, tut doch weh. :D Fünf Minuten warte ich noch. ciao, andreas |
so das hat er mich ausgespuckt (sry war mal knapp 1000GB die er durchsuchen muste =)): Malwarebytes' Anti-Malware 1.41 Datenbank Version: 2877 Windows 5.1.2600 Service Pack 3 30.09.2009 18:48:09 mbam-log-2009-09-30 (18-48-09).txt Scan-Methode: Vollständiger Scan (C:\|E:\|F:\|) Durchsuchte Objekte: 351486 Laufzeit: 38 minute(s), 28 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 2 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 2 Infizierte Verzeichnisse: 0 Infizierte Dateien: 17 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\odbcasvc (Malware.Packer) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Dokumente und Einstellungen\Optimus Prime\Desktop\CryptLoad_1.1.6\router\FRITZ!Box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully. C:\WINDOWS\system32\odbcasvc.exe (Malware.Packer) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Recycled\INFO.EXE (Malware.Packer) -> Quarantined and deleted successfully. E:\Music Programme\Applied Acoustic Systems\Lounge Lizard 3.0\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Applied Acoustic Systems\String Studio 1.0\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Applied Acoustic Systems\Tassman 4.0\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Applied Acoustic Systems\Ultra Analog 1.0\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Arturia\minimoog V\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\KORG\KORG Legacy\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\Edirol\Edirol Hyper Canvas Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Logic Audio Platinum 5.01\VstPlugIns\ReFx\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Steinberg\Cubase SX 3\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\TCWorks\Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Music Programme\Waves\DiamondUninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. E:\Recycled\INFO.EXE (Malware.Packer) -> Quarantined and deleted successfully. E:\System Volume Information\_restore{848F949F-D61E-4087-B916-A3D122C3BFAC}\RP54\A0008868.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully. F:\Recycled\INFO.EXE (Malware.Packer) -> Quarantined and deleted successfully. lg |
Das sieht doch gleich viel besser aus. :) Kannst du wieder auf alle Laufwerke zugreifen? ciao, andreas |
C geht normal.. wenn ich auf E gehe kommt das Fenster wo ich aussuchen kann mit welchem programm ich öffnen will... Und F ist zugriff verweigert! =( |
Solltest du noch irgendetwas mit dem Computer verbinden, wie Memorysticks, Speicherkarten, Digitalkameras, Handy, externe Laufwerke, ... dann stecke vor dem Scan alles an. ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
http://saved.im/mtm0nzyzmzd5/cofi.jpg
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!ciao, andreas |
ok werde ich mal probieren..Ich danke dir erstmal werde es heute nicht mehr schaffen. Setze mich morgen gleich ran! Dank dir vielmals nochmal! lg drück die daumen das es morgen weg is =) |
Ganz wichtig: Auch den verseuchten USB-Stick anstecken, sonst kannst du dich sofort wieder infizieren. Und dein Freund soll dasgleiche mit seinem Rechner machen, sonst wird er auch weiterhin eine Virenschleuder bleiben. ciao, andreas |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 11:23 Uhr. |
Copyright ©2000-2025, Trojaner-Board