Trojaner-Board
Seite 3 von 4 12 3 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Trojaner Updater.exe (https://www.trojaner-board.de/136498-trojaner-updater-exe.html)

xmorgaine 23.06.2013 12:39
SystemLook 30.07.11 by jpshortstuff
Log created at 13:29 on 23/06/2013 by viktoria
Administrator - Elevation successful

========== filefind ==========

Searching for "*SoftwareUpdater*"
C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe --a---- 60928 bytes [09:38 07/05/2013] [19:49 20/06/2013] 4D62C3A7FA7C4FF08D5015D75124C92A
C:\Program Files\SoftwareUpdater\SoftwareUpdater.dll --a---- 168960 bytes [19:48 20/06/2013] [19:48 20/06/2013] 1EF11ADFB5DD20F4F78D5AACC309F633
C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe --a---- 1281536 bytes [19:48 20/06/2013] [19:48 20/06/2013] 99345050F950EAD86726BB63715FEDE6
C:\Windows\Prefetch\SOFTWAREUPDATER.BOOTSTRAPPER.-C1C0EF1D.pf --a---- 95920 bytes [11:19 02/04/2013] [11:28 23/06/2013] 617FE636AAB6DC0C12438BBA8BAA4777
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe --a---- 60928 bytes [14:11 05/02/2013] [18:29 08/06/2013] 4D62C3A7FA7C4FF08D5015D75124C92A
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SoftwareUpdater.dll --a---- 168960 bytes [20:25 24/03/2013] [18:32 08/06/2013] 1EF11ADFB5DD20F4F78D5AACC309F633
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe --a---- 1281536 bytes [20:25 24/03/2013] [18:33 08/06/2013] 99345050F950EAD86726BB63715FEDE6

========== folderfind ==========

Searching for "*SoftwareUpdater*"
C:\Program Files\SoftwareUpdater d------ [19:48 20/06/2013]
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater d------ [20:25 24/03/2013]

========== regfind ==========

Searching for "SoftwareUpdater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\832AB1599439F4C48B17F26DC82AF097]
"SoftwareUpdater"="ProductFeature"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\SoftwareUpdater\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\832AB1599439F4C48B17F26DC82AF097\Features]
"SoftwareUpdater"="ProductFeature"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""

-= EOF =-

schrauber 23.06.2013 16:20
Hi,

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:OTL
C:\Program Files\SoftwareUpdater
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\832AB1599439F4C48B17F26DC82AF097]
"SoftwareUpdater"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\SoftwareUpdater\"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SystemStoreService]
"ImagePath"=-
:Commands
[emptytemp]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

xmorgaine 25.06.2013 20:36
All processes killed
========== OTL ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\832AB1599439F4C48B17F26DC82AF097\\SoftwareUpdater deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\SoftwareUpdater\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SystemStoreService\\ImagePath deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Malisa
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: viktoria
->Temp folder emptied: 865840 bytes
->Temporary Internet Files folder emptied: 8259390 bytes
->FireFox cache emptied: 81854251 bytes
->Google Chrome cache emptied: 7237581 bytes
->Opera cache emptied: 52428990 bytes
->Flash cache emptied: 2039 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18169923 bytes
RecycleBin emptied: 20814866 bytes

Total Files Cleaned = 181,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06252013_212607

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

schrauber 26.06.2013 08:23
Noch Probleme?

xmorgaine 26.06.2013 20:13
Ja, es ist immernoch da..

schrauber 27.06.2013 07:32
SoftwareUpdater ist immer noch da?

Bitte mal nen Screenshot, und neue Suche mit Systemlook.

xmorgaine 27.06.2013 16:20
Ja, immernoch. Er hat sich jetzt sogar 2 mal hintereinander nach ein paar Minuten geöffnet, obwohl das sonst immer längere Abstände hat. Und ähm den Screenshot hab ich dir doch schonmal gezeigt, es sieht noch haaregenau gleich aus..

hier der Systemlook (ich habe ihn gerade eben schonmal gemacht, aber den Text wieder geschlossen und es deswegen nochmal gemacht) :

SystemLook 30.07.11 by jpshortstuff
Log created at 17:11 on 27/06/2013 by viktoria
Administrator - Elevation successful

========== filefind ==========

Searching for "*SystemUpdater*"
No files found.

========== folderfind ==========

Searching for "*SystemUpdater*"
No folders found.

========== regfind ==========

Searching for "SystemUpdater"
No data found.

-= EOF =-

schrauber 27.06.2013 16:27
Selbe Suche bitte mal mit SoftwareUpdater anstatt Systemupdater :)

xmorgaine 27.06.2013 16:54
upps, sry :D

SystemLook 30.07.11 by jpshortstuff
Log created at 17:50 on 27/06/2013 by viktoria
Administrator - Elevation successful

========== filefind ==========

Searching for "*SoftwareUpdater*"
C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe --a---- 60928 bytes [09:38 07/05/2013] [19:49 20/06/2013] 4D62C3A7FA7C4FF08D5015D75124C92A
C:\Program Files\SoftwareUpdater\SoftwareUpdater.dll --a---- 168960 bytes [19:48 20/06/2013] [19:48 20/06/2013] 1EF11ADFB5DD20F4F78D5AACC309F633
C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe --a---- 1281536 bytes [19:48 20/06/2013] [19:48 20/06/2013] 99345050F950EAD86726BB63715FEDE6
C:\Windows\Prefetch\SOFTWAREUPDATER.BOOTSTRAPPER.-C1C0EF1D.pf --a---- 94716 bytes [11:19 02/04/2013] [14:58 27/06/2013] D13DF6F4A56DAE955FC45F1527E26F99
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe --a---- 60928 bytes [14:11 05/02/2013] [18:29 08/06/2013] 4D62C3A7FA7C4FF08D5015D75124C92A
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SoftwareUpdater.dll --a---- 168960 bytes [20:25 24/03/2013] [18:32 08/06/2013] 1EF11ADFB5DD20F4F78D5AACC309F633
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe --a---- 1281536 bytes [20:25 24/03/2013] [18:33 08/06/2013] 99345050F950EAD86726BB63715FEDE6

========== folderfind ==========

Searching for "*SoftwareUpdater*"
C:\Program Files\SoftwareUpdater d------ [19:48 20/06/2013]
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater d------ [20:25 24/03/2013]

========== regfind ==========

Searching for "SoftwareUpdater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\832AB1599439F4C48B17F26DC82AF097\Features]
"SoftwareUpdater"="ProductFeature"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""

-= EOF =-

schrauber 27.06.2013 19:18

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:files
C:\Program Files\SoftwareUpdater
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\832AB1599439F4C48B17F26DC82AF097\Features]
:Commands
[emptytemp]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread



Nach Reboot nochmal ne Suche mit Systemlook, zusätzlich danach suchen:

SystemStore

xmorgaine 29.06.2013 00:02
All processes killed
========== FILES ==========
C:\Program Files\SoftwareUpdater folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\832AB1599439F4C48B17F26DC82AF097\Features\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Malisa
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: viktoria
->Temp folder emptied: 114232 bytes
->Temporary Internet Files folder emptied: 12818004 bytes
->FireFox cache emptied: 17376084 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 840 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17947876 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 46,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06282013_230121

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




SystemLook 30.07.11 by jpshortstuff
Log created at 00:25 on 29/06/2013 by viktoria
Administrator - Elevation successful

========== filefind ==========

Searching for "*Systemlook*"
C:\Users\viktoria\AppData\Roaming\Microsoft\Windows\Recent\SystemLook.lnk --a---- 493 bytes [18:37 17/06/2013] [21:18 28/06/2013] 922B9C1BD656782365FD6F258DD95C7C
C:\Users\viktoria\Desktop\SystemLook.exe --a---- 139264 bytes [11:28 23/06/2013] [11:28 23/06/2013] DEDB5F9E28EE2C9363E83A2A94BA83B9
C:\Users\viktoria\Desktop\SystemLook.txt --a---- 378 bytes [11:29 23/06/2013] [22:25 28/06/2013] C880D80CB0AFE82A17AB2EE914A1171F

========== folderfind ==========

Searching for "*Systemlook*"
No folders found.

========== regfind ==========

Searching for "Systemlook"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\viktoria\Desktop\SystemLook.exe"="SystemLook"
[HKEY_USERS\S-1-5-21-3688788964-3904659950-1743870479-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\viktoria\Desktop\SystemLook.exe"="SystemLook"
[HKEY_USERS\S-1-5-21-3688788964-3904659950-1743870479-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\viktoria\Desktop\SystemLook.exe"="SystemLook"

-= EOF =-





SystemLook 30.07.11 by jpshortstuff
Log created at 00:25 on 29/06/2013 by viktoria
Administrator - Elevation successful

========== filefind ==========

Searching for "*Systemlook*"
C:\Users\viktoria\AppData\Roaming\Microsoft\Windows\Recent\SystemLook.lnk --a---- 493 bytes [18:37 17/06/2013] [21:18 28/06/2013] 922B9C1BD656782365FD6F258DD95C7C
C:\Users\viktoria\Desktop\SystemLook.exe --a---- 139264 bytes [11:28 23/06/2013] [11:28 23/06/2013] DEDB5F9E28EE2C9363E83A2A94BA83B9
C:\Users\viktoria\Desktop\SystemLook.txt --a---- 378 bytes [11:29 23/06/2013] [22:25 28/06/2013] C880D80CB0AFE82A17AB2EE914A1171F

========== folderfind ==========

Searching for "*Systemlook*"
No folders found.

========== regfind ==========

Searching for "Systemlook"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\viktoria\Desktop\SystemLook.exe"="SystemLook"
[HKEY_USERS\S-1-5-21-3688788964-3904659950-1743870479-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\viktoria\Desktop\SystemLook.exe"="SystemLook"
[HKEY_USERS\S-1-5-21-3688788964-3904659950-1743870479-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\viktoria\Desktop\SystemLook.exe"="SystemLook"

-= EOF =-

schrauber 29.06.2013 08:24
Nach Systemstore suchen, nicht nach Systemlook :)

xmorgaine 29.06.2013 10:47
SystemLook 30.07.11 by jpshortstuff
Log created at 11:36 on 29/06/2013 by viktoria
Administrator - Elevation successful

========== filefind ==========

Searching for "*Systemstore*"
C:\_OTL\MovedFiles\06182013_182330\C_Program Files\SoftwareUpdater\SystemStore.exe --a---- 296448 bytes [20:25 24/03/2013] [20:01 30/04/2013] 9D40AC2003DCA9F045181241C2BF47A2
C:\_OTL\MovedFiles\06282013_230121\C_Program Files\SoftwareUpdater\SystemStore.exe --a---- 296448 bytes [19:48 20/06/2013] [19:48 20/06/2013] 9D40AC2003DCA9F045181241C2BF47A2

========== folderfind ==========

Searching for "*Systemstore*"
No folders found.

========== regfind ==========

Searching for "Systemstore"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\SystemStoreService]
"ImagePath"=""C:\Program Files\SoftwareUpdater\SystemStore.exe" -displayname "System Store" -servicename "SystemStoreService""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SystemStoreService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SystemStoreService]

-= EOF =-

schrauber 29.06.2013 11:44

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SystemStoreService]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SystemStoreService]
:commands
reboot
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

xmorgaine 29.06.2013 12:22
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SystemStoreService\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SystemStoreService\ deleted successfully.
========== COMMANDS ==========
Error: Unable to interpret <reboot> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 06292013_132119


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:34 Uhr.
Seite 3 von 4 12 3 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129