Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Trojaner Windows Restore

Trojaner Windows Restore


Log-Analyse und Auswertung: Trojaner Windows Restore

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.05.2011, 10:26   #5
Dugells
 
Trojaner Windows Restore - Standard

Trojaner Windows Restore


OTL Log Datei "OTL.txt"OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 26.05.2011 11:19:27 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Markus\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,97 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 41,47% Memory free
4,16 Gb Paging File | 2,42 Gb Available in Paging File | 58,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 15,38 Gb Free Space | 20,64% Space Free | Partition Type: NTFS
Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 3,75 Gb Total Space | 3,74 Gb Free Space | 99,76% Space Free | Partition Type: FAT32
Drive J: | 931,51 Gb Total Space | 842,26 Gb Free Space | 90,42% Space Free | Partition Type: NTFS
Drive S: | 485,07 Mb Total Space | 350,09 Mb Free Space | 72,17% Space Free | Partition Type: FAT32
 
Computer Name: MARKUS-PC | User Name: Markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Markus\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Steganos Safe 12\Safe.exe (Steganos Software GmbH)
PRC - C:\Programme\Steganos Safe 12\fredirstarter.exe (Steganos Software GmbH)
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
PRC - C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
PRC - C:\Programme\XSManager\WTGService.exe ()
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\VideoLAN\VLC\vlc.exe ()
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Programme\Common Files\NMSAccessU.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Markus\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (WTGService) -- C:\Programme\XSManager\WTGService.exe ()
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (NMSAccessU) -- C:\Programme\Common Files\NMSAccessU.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cmnsusbser) -- C:\Windows\System32\drivers\cmnsusbser.sys (Mobile Connector)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (SLEE_17_DRIVER) -- C:\Windows\System32\drivers\SleeN17.sys (Softwareentwicklung Remus - ArchiCrypt - )
DRV - (SsInstal) -- C:\Windows\System32\drivers\SsInstal.sys (Brainboxes Limited)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH)
DRV - (SsEnum) -- C:\Windows\System32\drivers\SsEnum.sys (Brainboxes Limited)
DRV - (SsPort) -- C:\Windows\System32\drivers\SsPort.sys (Brainboxes Limited)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (slabser) -- C:\Windows\System32\drivers\slabser.sys (MCCI Corporation)
DRV - (slabbus) Argus over USB driver (WDM) -- C:\Windows\System32\drivers\slabbus.sys (MCCI Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/home.php"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.08 02:11:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.08 02:11:31 | 000,000,000 | ---D | M]
 
[2010.12.26 14:09:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Extensions
[2011.05.25 18:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\tfl6w3a2.default\extensions
[2010.12.26 14:10:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\tfl6w3a2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.19 11:57:56 | 000,000,950 | ---- | M] () -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\tfl6w3a2.default\searchplugins\icqplugin.xml
[2011.05.07 01:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.06 10:18:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- 
[2009.09.22 22:51:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009.11.02 10:02:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010.07.06 10:18:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MARKUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TFL6W3A2.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.05.08 02:11:26 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.07.06 10:17:46 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2011.05.08 02:11:28 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.05.08 02:11:28 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.05.08 02:11:28 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.05.08 02:11:28 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.05.08 02:11:28 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.05.08 02:11:28 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.09.27 21:42:58 | 000,000,935 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [nwiz]  File not found
O4 - HKLM..\Run: [SAFE12 File Redirection Starter] C:\Program Files\Steganos Safe 12\fredirstarter.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [SAFE12 HotKeys] C:\Program Files\Steganos Safe 12\SteganosHotKeyService.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [GameShadow]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Free YouTube Download - C:\Users\Markus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Markus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Markus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Markus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.22 07:57:52 | 000,230,728 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.05.30 08:54:04 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.01.26 11:15:22 | 000,000,191 | ---- | M] () - J:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{66efe11f-eac1-11df-b91b-001e371e9a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{66efe11f-eac1-11df-b91b-001e371e9a5f}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{8a204b85-a395-11de-8169-001e371e9a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{8a204b85-a395-11de-8169-001e371e9a5f}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{92429659-c130-11df-b95d-001e371e9a5f}\Shell\AutoRun\command - "" = J:\SanDiskMediaManager.EXE
O33 - MountPoints2\{965227b2-6fe9-11e0-9009-001e371e9a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{965227b2-6fe9-11e0-9009-001e371e9a5f}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{b9a176c9-b8b9-11de-a577-001e371e9a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{b9a176c9-b8b9-11de-a577-001e371e9a5f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{de7f6b72-a439-11de-b4a6-001e371e9a5f}\Shell - "" = AutoRun
O33 - MountPoints2\{de7f6b72-a439-11de-b4a6-001e371e9a5f}\Shell\AutoRun\command - "" = F:\CDautorun.exe
O33 - MountPoints2\{fc093504-a165-11de-bd93-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fc093504-a165-11de-bd93-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2008.08.22 07:57:52 | 000,230,728 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.25 23:01:19 | 001,431,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Markus\Desktop\TDSSKiller.exe
[2011.05.25 15:06:24 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Luwe
[2011.05.25 15:06:24 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Isyzsi
[2011.05.25 13:27:05 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Malwarebytes
[2011.05.25 13:26:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.25 13:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.25 13:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.25 13:26:52 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.24 22:36:55 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011.05.17 17:35:52 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\LolClient
[2011.05.17 16:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011.05.17 15:36:13 | 000,000,000 | ---D | C] -- C:\Users\Markus\Desktop\LeagueOfLegends
[2011.05.17 15:35:28 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\PMB Files
[2011.05.17 15:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011.05.17 15:03:50 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011.05.17 15:03:50 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011.05.17 14:55:20 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011.05.17 14:44:39 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\FIFA 07
[2011.05.13 08:34:09 | 000,000,000 | ---D | C] -- C:\Users\Markus\Desktop\Neuer Ordner
[2011.05.06 08:52:25 | 000,000,000 | ---D | C] -- C:\Users\Markus\Desktop\Bilder Backnang
[2011.04.27 22:41:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 22:41:24 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 22:41:19 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.26 13:20:20 | 000,312,488 | R--- | C] (4G Systems GmbH & Co. KG) -- C:\Windows\updater4g.exe
[2011.04.26 13:20:20 | 000,160,424 | R--- | C] (4G Systems GmbH & Co. KG) -- C:\Windows\starter4g.exe
[2011.04.26 13:20:18 | 000,133,120 | ---- | C] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_netamd.sys
[2011.04.26 13:20:18 | 000,118,272 | ---- | C] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_seramd.sys
[2011.04.26 13:20:18 | 000,112,640 | ---- | C] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_net32.sys
[2011.04.26 13:20:18 | 000,103,680 | ---- | C] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_ser32.sys
[2011.04.26 13:20:18 | 000,103,424 | ---- | C] (Mobile Connector) -- C:\Windows\System32\drivers\cmnsusbser.sys
[2011.04.26 13:20:18 | 000,052,128 | ---- | C] (Siano) -- C:\Windows\System32\drivers\smsbda.sys
[2011.04.26 13:20:18 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\XSManager
[2011.04.26 13:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSManager
[2011.04.26 13:15:11 | 000,000,000 | ---D | C] -- C:\Programme\XSManager
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.26 11:15:21 | 000,004,880 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.26 11:15:21 | 000,004,880 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.26 10:50:26 | 000,224,256 | ---- | M] () -- C:\Users\Markus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.26 10:26:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.26 07:59:44 | 000,001,073 | ---- | M] () -- C:\Users\Markus\Desktop\Privat.lnk
[2011.05.26 07:59:33 | 000,644,580 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.26 07:59:33 | 000,601,134 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.26 07:59:33 | 000,131,380 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.26 07:59:33 | 000,108,758 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.26 07:13:34 | 000,285,745 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.05.26 07:13:34 | 000,285,745 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.05.26 07:13:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.26 00:02:26 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{651C758F-489E-45AC-B507-9169CF622E9A}.job
[2011.05.25 22:54:40 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.25 22:54:25 | 2110,058,496 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.25 22:53:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.25 13:26:55 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.25 07:10:16 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Markus\Desktop\TDSSKiller.exe
[2011.05.24 22:36:56 | 000,000,144 | ---- | M] () -- C:\ProgramData\~46194424r
[2011.05.24 22:36:56 | 000,000,112 | ---- | M] () -- C:\ProgramData\~46194424
[2011.05.24 22:36:51 | 000,000,344 | ---- | M] () -- C:\ProgramData\46194424
[2011.05.23 08:19:08 | 000,055,144 | ---- | M] () -- C:\Users\Markus\Desktop\bookmarks.html
[2011.05.23 07:31:28 | 000,071,944 | ---- | M] () -- C:\Users\Markus\Desktop\bookmarks-2011-05-23.json
[2011.05.19 15:25:26 | 000,000,680 | ---- | M] () -- C:\Users\Markus\AppData\Local\d3d9caps.dat
[2011.04.30 23:45:17 | 000,843,254 | ---- | M] () -- C:\Users\Markus\Desktop\3.jpg
[2011.04.30 23:43:31 | 000,022,754 | ---- | M] () -- C:\Users\Markus\Desktop\1.jpg
[2011.04.30 23:43:19 | 000,057,746 | ---- | M] () -- C:\Users\Markus\Desktop\2.jpg
[2011.04.30 23:43:05 | 000,129,932 | ---- | M] () -- C:\Users\Markus\Desktop\216221_168782513180532_100001463540079_408431_4047046_n.jpg
[2011.04.26 13:15:15 | 000,001,712 | ---- | M] () -- C:\Users\Public\Desktop\XSManager.lnk
[2011.04.26 13:15:12 | 000,103,424 | ---- | M] (Mobile Connector) -- C:\Windows\System32\drivers\cmnsusbser.sys
[2011.04.26 13:15:12 | 000,101,056 | ---- | M] () -- C:\Windows\System32\drivers\dvb_nova_12mhz_b0.inp
[2011.04.26 13:15:12 | 000,092,456 | ---- | M] () -- C:\Windows\System32\drivers\isdbt_nova_12mhz_b0.inp
[2011.04.26 13:15:12 | 000,079,036 | ---- | M] () -- C:\Windows\System32\drivers\tdmb_nova_12mhz_b0.inp
[2011.04.26 13:15:12 | 000,052,128 | ---- | M] (Siano) -- C:\Windows\System32\drivers\smsbda.sys
[2011.04.26 13:15:12 | 000,000,040 | ---- | M] () -- C:\Windows\System32\drivers\smsbda.cfg
[2011.04.26 13:15:11 | 000,133,120 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_netamd.sys
[2011.04.26 13:15:11 | 000,118,272 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_seramd.sys
[2011.04.26 13:15:11 | 000,112,640 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_net32.sys
[2011.04.26 13:15:11 | 000,103,680 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\System32\drivers\cm_ser32.sys
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.26 07:59:44 | 000,001,073 | ---- | C] () -- C:\Users\Markus\Desktop\Privat.lnk
[2011.05.25 22:43:37 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.25 22:43:37 | 000,001,712 | ---- | C] () -- C:\Users\Public\Desktop\XSManager.lnk
[2011.05.25 22:43:37 | 000,001,614 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.05.25 22:43:37 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.lnk
[2011.05.25 22:43:37 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011.05.25 22:43:37 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.05.25 22:43:37 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.05.25 13:26:55 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.24 22:36:56 | 000,000,144 | ---- | C] () -- C:\ProgramData\~46194424r
[2011.05.24 22:36:56 | 000,000,112 | ---- | C] () -- C:\ProgramData\~46194424
[2011.05.24 22:36:50 | 000,000,344 | ---- | C] () -- C:\ProgramData\46194424
[2011.05.23 08:19:08 | 000,055,144 | ---- | C] () -- C:\Users\Markus\Desktop\bookmarks.html
[2011.05.23 07:31:28 | 000,071,944 | ---- | C] () -- C:\Users\Markus\Desktop\bookmarks-2011-05-23.json
[2011.05.08 12:42:44 | 000,169,196 | ---- | C] () -- C:\Users\Markus\Desktop\me.JPG
[2011.04.30 23:45:17 | 000,843,254 | ---- | C] () -- C:\Users\Markus\Desktop\3.jpg
[2011.04.30 23:43:19 | 000,057,746 | ---- | C] () -- C:\Users\Markus\Desktop\2.jpg
[2011.04.30 23:43:05 | 000,129,932 | ---- | C] () -- C:\Users\Markus\Desktop\216221_168782513180532_100001463540079_408431_4047046_n.jpg
[2011.04.30 23:42:55 | 000,022,754 | ---- | C] () -- C:\Users\Markus\Desktop\1.jpg
[2011.04.26 13:20:18 | 000,101,056 | ---- | C] () -- C:\Windows\System32\drivers\dvb_nova_12mhz_b0.inp
[2011.04.26 13:20:18 | 000,092,456 | ---- | C] () -- C:\Windows\System32\drivers\isdbt_nova_12mhz_b0.inp
[2011.04.26 13:20:18 | 000,079,036 | ---- | C] () -- C:\Windows\System32\drivers\tdmb_nova_12mhz_b0.inp
[2011.04.26 13:20:18 | 000,000,040 | ---- | C] () -- C:\Windows\System32\drivers\smsbda.cfg
[2011.03.26 23:21:54 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.11.12 17:09:48 | 000,015,573 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin
[2010.10.13 18:03:14 | 006,814,952 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010.10.13 18:03:14 | 000,017,766 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2010.09.17 21:25:36 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.09.15 09:39:01 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.09.15 09:39:01 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.01.13 13:07:30 | 000,022,328 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\PnkBstrK.sys
[2010.01.13 13:07:13 | 002,337,865 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2009.12.24 15:25:23 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2009.12.24 15:25:23 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2009.12.15 23:36:21 | 000,000,052 | ---- | C] () -- C:\Windows\Relax.ini
[2009.11.09 08:23:32 | 000,024,206 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\UserTile.png
[2009.10.04 12:39:01 | 000,000,035 | ---- | C] () -- C:\Windows\WorldBuilder.INI
[2009.09.19 13:33:10 | 000,224,256 | ---- | C] () -- C:\Users\Markus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.17 17:00:27 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009.09.17 15:53:29 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2009.09.17 15:21:12 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.09.17 15:21:08 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.09.17 15:20:45 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.09.17 15:17:41 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.09.17 15:17:41 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.09.17 15:17:41 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.09.17 14:52:14 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.09.17 08:47:55 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.09.17 08:47:46 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.17 08:46:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.17 08:46:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.09.17 08:20:28 | 000,285,745 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.17 08:20:24 | 000,285,745 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.09.14 21:47:10 | 000,000,680 | ---- | C] () -- C:\Users\Markus\AppData\Local\d3d9caps.dat
[2007.01.25 04:52:26 | 000,065,536 | ---- | C] () -- C:\Programme\Common Files\NMSAccessU.exe
[2006.11.02 17:42:41 | 000,644,580 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:42:41 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:42:41 | 000,131,380 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:42:41 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:43 | 000,254,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,601,134 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,108,758 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 17:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

< End of report >
--- --- ---
 

Themen zu Trojaner Windows Restore
administrator, anleitung, dateien, fehlermeldungen, folge, forum, guten, komplette, langsamer, ordner, poste, probleme, restore, runter, sichtbar, starte, startet, ständige, super, tdss, tool, troja, trojaner, windows, windows recovery, wirklich, zusammen


« Recycler auf USB | Windows Security Alert- »


Ähnliche Themen: Trojaner Windows Restore


  1. Probleme nach "Windows Restore" Trojaner
    Log-Analyse und Auswertung - 18.12.2011 (42)
  2. Windows Restore Malware eingefangen - geht nicht weg
    Plagegeister aller Art und deren Bekämpfung - 03.11.2011 (10)
  3. [Schadprogramm] Windows Restore beseitigt und t.w. noch Probleme
    Plagegeister aller Art und deren Bekämpfung - 29.06.2011 (50)
  4. Windows 7 Restore, Google Redirect.
    Plagegeister aller Art und deren Bekämpfung - 11.06.2011 (2)
  5. Internet Explorer Skriptfehler nach Windows Restore
    Log-Analyse und Auswertung - 20.05.2011 (26)
  6. TR/kazy.mekml.1 und Windows Restore: ist es wirklich weg?
    Log-Analyse und Auswertung - 14.05.2011 (10)
  7. Windows restore / Daten wiederherstellbar?
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (41)
  8. Windows Restore
    Log-Analyse und Auswertung - 20.04.2011 (21)
  9. Ebenfalls Windows Restore Befall
    Plagegeister aller Art und deren Bekämpfung - 19.04.2011 (13)
  10. Trojaner: CleanThis, MS Removal Tool und Windows Restore
    Log-Analyse und Auswertung - 17.04.2011 (15)
  11. windows restore
    Alles rund um Windows - 14.04.2011 (12)
  12. Windows Restore
    Log-Analyse und Auswertung - 14.04.2011 (1)
  13. Windows Restore, Internetbrowser funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 14.04.2011 (3)
  14. Windows Restore auf dem Notebook
    Plagegeister aller Art und deren Bekämpfung - 13.04.2011 (7)
  15. Windows restore
    Plagegeister aller Art und deren Bekämpfung - 13.04.2011 (4)
  16. Probleme mit Windows Restore - Schnellstartleiste wiederherstellen.
    Log-Analyse und Auswertung - 13.04.2011 (1)
  17. Windows Restore entfernen
    Anleitungen, FAQs & Links - 05.04.2011 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojaner Windows Restore - OTL Log Datei "OTL.txt"OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 26.05.2011 11:19:27 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Markus\Downloads Windows Vista - Trojaner Windows Restore...
Archiv
Du betrachtest: Trojaner Windows Restore auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132