Trojaner-Board

Log analysis and evaluation: Fix log for Windows encryption trojan


 
16.05.2012, 15:00   #3
mfg
 



Hello Kira,
Thanks first of all for the help.

The fix ran through and the log is attached below.
After the reboot I can already work in normal mode again! No Windows blocking, and the internet works again too. *phew*

I will feel my way through the further steps over the course of the afternoon.
Many thanks already,
m

Code:
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\Manuel_ON_F\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\Manuel_ON_F\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\Manuel_ON_F\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\Manuel_ON_F\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\Manuel_ON_F\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
Registry value HKEY_USERS\Manuel_ON_F\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
HKU\Manuel_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
File F:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) not found.
Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File F:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_USERS\Manuel_ON_F\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
F:\Users\Manuel\AppData\Roaming\Sctbht\7D2CAFBC10AE3BF66E36.exe moved successfully.
Registry key HKEY_USERS\Manuel_ON_F\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
F:\updates64\395D483BBD1.exe moved successfully.
Registry key HKEY_USERS\LocalService_ON_F\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_USERS\NetworkService_ON_F\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1addd759-d29e-11df-bdb0-705ab6182a25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1addd759-d29e-11df-bdb0-705ab6182a25}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1addd759-d29e-11df-bdb0-705ab6182a25}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1addd759-d29e-11df-bdb0-705ab6182a25}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54c30523-c637-11df-90d3-705ab6182a25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54c30523-c637-11df-90d3-705ab6182a25}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54c30523-c637-11df-90d3-705ab6182a25}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54c30523-c637-11df-90d3-705ab6182a25}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69bd1dec-3192-11df-8636-705ab6182a25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69bd1dec-3192-11df-8636-705ab6182a25}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69bd1dec-3192-11df-8636-705ab6182a25}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69bd1dec-3192-11df-8636-705ab6182a25}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69bd1df7-3192-11df-8636-705ab6182a25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69bd1df7-3192-11df-8636-705ab6182a25}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69bd1df7-3192-11df-8636-705ab6182a25}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69bd1df7-3192-11df-8636-705ab6182a25}\ not found.
File G:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a33b265-2205-11e0-b53f-705ab6182a25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a33b265-2205-11e0-b53f-705ab6182a25}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a33b265-2205-11e0-b53f-705ab6182a25}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a33b265-2205-11e0-b53f-705ab6182a25}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c070afc5-6d4d-11df-bb5e-705ab6182a25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c070afc5-6d4d-11df-bb5e-705ab6182a25}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c070afc5-6d4d-11df-bb5e-705ab6182a25}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c070afc5-6d4d-11df-bb5e-705ab6182a25}\ not found.
File F:\LaunchU3.exe -a not found.
F:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
F:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS F:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS F:\ProgramData\Temp:0B9176C0 deleted successfully.
ADS F:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS F:\ProgramData\Temp:5D7E5A8F deleted successfully.
ADS F:\ProgramData\Temp:E3C56885 deleted successfully.
ADS F:\ProgramData\Temp:ABE89FFE deleted successfully.
ADS F:\ProgramData\Temp:E1F04E8D deleted successfully.
ADS F:\ProgramData\Temp:AB689DEA deleted successfully.
ADS F:\ProgramData\Temp:93DE1838 deleted successfully.
ADS F:\ProgramData\Temp:444C53BA deleted successfully.
========== FILES ==========
File\Folder F:\Users\Manuel\AppData\Roaming\Sctbht\7D2CAFBC10AE3BF66E36.exe not found.
File\Folder F:\updates64\395D483BBD1.exe not found.
< ipconfig /flushdns /c >
Windows IP Configuration
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
 
User: Manuel
->Temp folder emptied: 34295369 bytes
->Temporary Internet Files folder emptied: 268535820 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 112303156 bytes
->Flash cache emptied: 73661 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4018045 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46374103 bytes
 
Total Files Cleaned = 444.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05162012_184656
         