Antworten / Aufrufe | Themen mit dem Stichwort verifier | |
---|---|---|
3 Antworten 25734 Aufrufe |
Windows Explorer stürzt permanent ab - ntdll.dll das Problem? | |
7 Antworten 6391 Aufrufe |
Bluescreen bei Vista 32 Begonnen von HILTI
02. Juni 2009, 09:23:34 Habe seit ein paar wochen ab und zu einen Bluesceen nur ich weiß nicht wieso Amd Phenom 9500 Quad Core 2.2 Ram 2GB MSI BOard Gforce 8600 GT Fehler : Problemsignatur: Problemereignisname: BlueScreen Betriebsystemversion: 6.0.6002.2.2.0.256.1 Gebietsschema-ID: 1031 Zusatzinformationen zum Problem: BCCode: 1000007e BCP1: C0000005 BCP2: 20646156 BCP3: 8719BBC0 BCP4: 8719B8BC OS Version: 6_0_6002 Service Pack: 2_0 Product: 256_1 Dateien, die bei der Beschreibung des Problems hilfreich sind: C:\Windows\Minidump\Mini060209-01.dmp C:\Users\Hilbert\AppData\Local\Temp\WER-158781-0.sysdata.xml C:\Users\Hilbert\AppData\Local\Temp\WER7C1.tmp.version.txt VIelleicht weiß einer von euch was er bedeutet. VIelen dank im vorraus ------------- hab die dump datei ausgewertet viuelleicht könnt ihr damit was anfangen. Microsoft (R) Windows Debugger Version 6.11.0001.404 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\Minidump\Mini060209-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: „SRV*c:\windows\symbols*http://msdl.microsoft.com/download/symbols“ Executable search path is: Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntkrnlpa.exe *** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (4 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Machine Name: Kernel base = 0x81e37000 PsLoadedModuleList = 0x81f4ec70 Debug session time: Mon Jun 1 22:50:53.677 2009 (GMT+2) System Uptime: 0 days 2:18:50.468 Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntkrnlpa.exe *** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe Loading Kernel Symbols ............................................................... ................................................................ ....................... Loading User Symbols Loading unloaded module list .......... Unable to load image \SystemRoot\system32\DRIVERS\nvlddmkm.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for nvlddmkm.sys *** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1000007E, {c0000005, 20646156, 8719bbc0, 8719b8bc} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* Probably caused by : nvlddmkm.sys ( nvlddmkm+4b4090 ) Followup: MachineOwner --------- 0: kd> „!analyze -v“ ^ Syntax error in '„!analyze -v“' 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Some common problems are exception code 0x80000003. This means a hard coded breakpoint or assertion was hit, but this system was booted /NODEBUG. This is not supposed to happen as developers should never have hardcoded breakpoints in retail code, but ... If this happens, make sure a debugger gets connected, and the system is booted /DEBUG. This will let us see why this breakpoint is happening. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: 20646156, The address that the exception occurred at Arg3: 8719bbc0, Exception Record Address Arg4: 8719b8bc, Context Record Address Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ADDITIONAL_DEBUG_TEXT: Use '!findthebuild' command to search for the target build information. If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols. FAULTING_MODULE: 81e37000 nt DEBUG_FLR_IMAGE_TIMESTAMP: 49fa9243 EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung in 0x%08lx verweist auf Speicher 0x%08lx. Der Vorgang %s konnte nicht im Speicher durchgef hrt werden. FAULTING_IP: +3eefe 20646156 ?? ??? EXCEPTION_RECORD: 8719bbc0 -- (.exr 0xffffffff8719bbc0) ExceptionAddress: 20646156 ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000008 Parameter[1]: 20646156 Attempt to execute non-executable address 20646156 CONTEXT: 8719b8bc -- (.cxr 0xffffffff8719b8bc) eax=8719bca4 ebx=93881750 ecx=20646156 edx=8eabe070 esi=00000000 edi=93872ab0 eip=20646156 esp=8719bc88 ebp=8719bca8 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 20646156 ?? ??? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x7E CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from 8eabe090 to 20646156 STACK_TEXT: WARNING: Frame IP not in any known module. Following frames may be wrong. 8719bc84 8eabe090 93881750 93872ab0 8719bca4 0x20646156 8719bca8 8e79ca1e 93881750 93872ab0 8719bcd8 nvlddmkm+0x4b4090 8719bd08 8e79d2c0 84de4730 81f3913c 8719bd2c nvlddmkm+0x192a1e 8719bd18 8e704803 00000000 98856b70 85b4ef38 nvlddmkm+0x1932c0 8719bd2c 8204486f 85b4ef38 84de4730 846fd8b0 nvlddmkm+0xfa803 8719bd44 81edce22 846fd8b0 00000000 83993d78 nt+0x20d86f 8719bd7c 8200cc42 846fd8b0 9e36b428 00000000 nt+0xa5e22 8719bdc0 81e75efe 81edcd25 00000001 00000000 nt+0x1d5c42 00000000 00000000 00000000 00000000 00000000 nt+0x3eefe FOLLOWUP_IP: nvlddmkm+4b4090 8eabe090 85c0 test eax,eax SYMBOL_STACK_INDEX: 1 SYMBOL_NAME: nvlddmkm+4b4090 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nvlddmkm IMAGE_NAME: nvlddmkm.sys STACK_COMMAND: .cxr 0xffffffff8719b8bc ; kb BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner --------- | |
14 Antworten 8177 Aufrufe |
Vista x64 Problem :( Begonnen von zweipackk
01. März 2009, 17:29:48 Hallöchen Habe folgendes Problem mein OS Vista x64 stürzt öfters unerwartet ab, dabei ist es egal welche Anwendungen laufen oder nicht ist also kein Softwareproblem. Ich habe auch Prime95 24h laufen lassen können und es gab absolut keine Probleme oder Bluescreens. Auch Memtest86 fand keine Fehler. Ich bin wirklich am verzweifeln. Ich habe mir die dump file mal angeschaut und auch schon gegoogelt aber bezieht sich leider alles nur auf xp und hilft mir daher nicht weiter... Zu meinem System: Intel i7 DDR3 Ram Nanya 1333MHZ ATI HD 4870 In der Dump file steht problem caused by hardware, leider kann ich damit nicht viel anfangen vllt. könnt Ihr mehr herauslesen. Ich bin über jede Hilfe sehr dankbar. Danke schonmal im Voraus Jetzt die dmp. file: Microsoft (R) Windows Debugger Version 6.11.0001.402 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\Minidump\Mini030109-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (8 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Machine Name: Kernel base = 0xfffff800`01e4e000 PsLoadedModuleList = 0xfffff800`02013db0 Debug session time: Sun Mar 1 13:21:37.144 2009 (GMT+1) System Uptime: 0 days 1:31:08.101 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. ............. .................................................. .............. ............................. Loading User Symbols Loading unloaded module list ................... *** WARNING: Unable to verify timestamp for hal.dll *** ERROR: Module load completed but symbols could not be loaded for hal.dll ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck 124, {0, fffffa8008932030, be000000, 800400} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_WHEA_ERROR_RECORD_HEADER *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_WHEA_ERROR_RECORD_HEADER *** *** *** ************************************************** *********************** Unable to load image \SystemRoot\system32\PSHED.dll, Win32 error 0n2 *** WARNING: Unable to verify timestamp for PSHED.dll *** ERROR: Module load completed but symbols could not be loaded for PSHED.dll ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: pshed!_WHEA_ERROR_RECORD_SECTION_DESCRIPTOR *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : hardware Followup: MachineOwner --------- | |
12 Antworten 91115 Aufrufe |
Windows - automatische Treiberinstallation ausschalten? Begonnen von Mr.Psychedelic
29. März 2008, 00:05:41 Wie kann man diesese ... automatische Treiberinstallation ausschalten? Durch den Dreck kriege ich mein Soundmax einfach nicht installiert... Danke |
ich habe seit mehreren Tagen ein Problem mit meinem Windows Explorer.
Anfänglich stürzte er nur ab, wenn ich in Ordnern etwas "gearbeitet/verschoben" habe usw. aber mittlerweile genügt es, überhaupt einen Ordner anzuklicken.
Sofort "friert" der Laptop ein, die Benachrichtigun "Windows Explorer funktioniert nicht mehr" erscheint, ich kann dann erst weiter arbeiten, wenn der WE geschlossen wurde. (Das selbe Probleme habe ich ca 3-4x am Tag mit Mozilla, jedoch "friert" dieses immer nur für ca 1 Min ein und somit hängt dann eben alles und erst dann kann ich weiter arbeiten. Das ist auch seeehr nervig, aber ich weiß nicht, ob es mit dem Windows Explorer Problem zusammen liegt!)
Ich habe unter Start / CMD und dem Befehl sfc scannow gesucht, das Ergebnis sah so aus:
Ergebnis:
Der Windows-Ressourcenschutz hat beschädigte Dateien gefunden und konnte einige der Dateien nicht reparieren.
Dateils finden sie in der Datei CBS.LOG
<windir\logs\CBS\CBS.log> z.b. in Windows\logs\CBS\cbs.log
Die Details konnte ich nicht abrufen, da ich keinen Zugriff hätte.
So, dann habe ich eben über die Ergebnisanzeige im System und Anwendung die "Fehler" und "Warnungen" mal genauer betrachtet und jedes mal stehen diese mit NTDLL.DLL in Verbindung.
Beispiel eines Aufrufes:
Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.4448, Zeitstempel: 0x4f563ac1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000222b2
ID des fehlerhaften Prozesses: 0x644
Startzeit der fehlerhaften Anwendung: 0x01cd2969729afaee
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: 7831d927-9565-11e1-9e7d-14dae9404578
Gibt es noch eine Möglichkeit das Problem zu beheben?
Eine Win7 CD habe ich nicht, da ja keine mit dem Laptop mitgeliefert wurde.
(Habe diesen: http://www.asus.com/Notebooks/Versatile_Performance/X54L/)
Kann ich im Notfall einfach auf einen anderen Gerätemanager umsteigen oder würde das nur eine zeitlich begrenzte Alternative darstellen?
Ich danke für eure Antworten im Voraus.
(Achja, bitte köpft mich nicht, ich bin eine absolute Laptop-nichtkennerin :-))
P.s. „Eigene Ordner“ (Eigene Bilder, Eigene Dokumente usw.) stürzen im Übrigen nicht so schnell ab, die später erstellten und sehr vollen Ordner sofort beim Anklicken.
Ich hab die Ordneroption auch schon „im eigenen Prozessor“ starten lassen, dann stürzt es noch schneller ab…………
UND: Zu guter Letzt habe ich noch die Maleware-Log Daten:
[spoiler]
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
blblabla :: blabla-PC [Administrator]
Schutz: Aktiviert
07.05.2012 21:02:53
mbam-log-2012-05-07 (23-00-07).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 544512
Laufzeit: 1 Stunde(n), 56 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Daten: C:\Users\blabla\AppData\Local\bc4581c2\X -> Keine Aktion durchgeführt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\$Recycle.Bin\S-1-5-21-2764755212-3932830633-3591871303-1001\$RA2P6PQ.exe (Adware.Agent) -> Keine Aktion durchgeführt.
C:\Users\blablaAppData\Local\bc4581c2\U\800000c f.@ (Rootkit.0Access) -> Keine Aktion durchgeführt.
(Ende)
[/spoiler]