Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
"Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?

"Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?


Log-Analyse und Auswertung: "Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 23.06.2011, 11:50   #14
Lois
 
"Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber? - Standard

"Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?


Hi Arne,

here we go:


GMER log:

Code:
ATTFilter
GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-23 12:02:09
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST916031 rev.SD03
Running: 7mylgf5d.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\axloquob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                                    SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                                    SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@{!s!\30!r!{!`!t!c!i!\24!t!j!s!y!s!\24!  19583823

---- EOF - GMER 1.0.15 ----






OSAM log:

Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 12:29:58 on 23.06.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"bdeadmin.cpl" - "Borland Software Corporation" - C:\WINDOWS\system32\bdeadmin.cpl
"btcpl.cpl" - "Broadcom Corporation." - C:\WINDOWS\system32\btcpl.cpl
"Ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\Ddbaccpl.cpl
"ddBACCTM.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddBACCTM.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"ISUSPM.cpl" - "Macrovision Corporation" - C:\WINDOWS\system32\ISUSPM.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - ? - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl  (File not found)
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\MLCFG32.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Anchorfree HSS Adapter" (taphss) - "AnchorFree Inc" - C:\WINDOWS\System32\DRIVERS\taphss.sys
"axloquob" (axloquob) - ? - C:\DOKUME~1\***\LOKALE~1\Temp\axloquob.sys  (Hidden registry entry, rootkit activity | File not found)
"catchme" (catchme) - ? - C:\cofi16462c\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"VClone" (VClone) - "Elaborate Bytes AG" - C:\WINDOWS\System32\DRIVERS\VClone.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Programme\Audible\Bin\AudibleExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Programme\Audible\Bin\AudibleExt.dll
{6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." - C:\WINDOWS\system32\BTNEIG~1.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} "Meine freigegebenen Ordner" - "Microsoft Corporation" - C:\Programme\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\WINDOWS\system32\btncopy.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\OLKFSTUB.DLL
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{B7056B8E-4F99-44f8-8CBD-282390FE5428} "VirtualCloneDrive Shell Extension" - "Elaborate Bytes AG" - C:\Programme\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoViewer.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Autoplay Drop Target Shim" - ? -   (File not found | COM-object registry key not found)
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoViewer.dll
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Drop Target Shim" - ? -   (File not found | COM-object registry key not found)
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoViewer.dll
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Drop Target Shim" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "{00F33137-EE26-412F-8D71-F84E4C2C6625}" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4  (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\AskBarDis\bar\bin\askBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8100D56A-5661-482C-BEE8-AFECE305D968} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx / hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
{5D637FAD-E202-48D1-8F18-5B9C459BD1E3} "Image Uploader Control" - "Aurigma, Inc." - C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx / hxxp://www.fotokasten.de/javaapplet/ImageUploader5.cab
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} "Installation Support" - "Yahoo! Inc." - C:\Programme\Yahoo!\Common\Yinsthelper.dll / C:\Programme\Yahoo!\Common\Yinsthelper.dll
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10s.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4  (HTTP value)
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\AskBarDis\bar\bin\askBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{201f27d4-3704-41d6-89c1-aa35e39143ed} "AskBar BHO" - "Ask.com" - C:\Programme\AskBarDis\bar\bin\askBar.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{7E853D72-626A-48EC-A868-BA8D5E23E045} "{7E853D72-626A-48EC-A868-BA8D5E23E045}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Device Detection" - ? - C:\Programme\fotokasten comfort - Tchibo Edition\dd.exe
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"GrooveMonitor" - "Microsoft Corporation" - "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
"LanguageShortcut" - ? - C:\Programme\HomeCinema\PowerDVD\Language\Language.exe
"MGSysCtrl" - "Mirco-Star International  CO., LTD." - C:\Programme\System Control Manager\MGSysCtrl.exe
"QuickFinder Scheduler" - "Corel Corporation" - "C:\Programme\WordPerfect Office X3\Programs\QFSCHD130.EXE"
"UCam_Menu" - "CyberLink Corp." - "C:\Programme\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Programme\HomeCinema\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
"VirtualCloneDrive" - "Elaborate Bytes AG" - "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"WinampAgent" - "Nullsoft, Inc." - C:\Programme\Winamp\winampa.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\WINDOWS\system32\bthcrp.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\Cyberlink\Shared files\RichVideo.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Micro Star SCM" (Micro Star SCM) - ? - C:\Programme\System Control Manager\MSIService.exe  (File found, but it contains no detailed information)
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"ProtexisLicensing" (ProtexisLicensing) - ? - C:\WINDOWS\system32\PSIService.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru





MBRCheck log:

Code:
ATTFilter
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows XP Home Edition
Windows Information:		Service Pack 3 (build 2600)
Logical Drives Mask:		0x0000001c

Kernel Drivers (total 113):
  0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
  0x806E6000 \WINDOWS\system32\hal.dll
  0xF7AF3000 \WINDOWS\system32\KDCOM.DLL
  0xF7A03000 \WINDOWS\system32\BOOTVID.dll
  0xF74C3000 ACPI.sys
  0xF7AF5000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
  0xF74B2000 pci.sys
  0xF75F3000 isapnp.sys
  0xF7A07000 compbatt.sys
  0xF7A0B000 \WINDOWS\system32\DRIVERS\BATTC.SYS
  0xF7603000 MountMgr.sys
  0xF7493000 ftdisk.sys
  0xF7873000 PartMgr.sys
  0xF7A0F000 ACPIEC.sys
  0xF7BBB000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
  0xF7613000 VolSnap.sys
  0xF73CB000 iaStor.sys
  0xF7623000 disk.sys
  0xF7633000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
  0xF73AB000 fltMgr.sys
  0xF7399000 sr.sys
  0xF7643000 PxHelp20.sys
  0xF7382000 KSecDD.sys
  0xF72F5000 Ntfs.sys
  0xF72C8000 NDIS.sys
  0xF72AE000 Mup.sys
  0xF661F000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
  0xF660B000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
  0xF65E3000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0xF65C9000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys
  0xF78C3000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0xF6519000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0xF78CB000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0xF7753000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0xF78D3000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0xF64E3000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0xF7B3B000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0xF78DB000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0xF721E000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0xF721A000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0xF7763000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0xF63F2000 \SystemRoot\system32\DRIVERS\btkrnl.sys
  0xF7C07000 \SystemRoot\system32\DRIVERS\audstub.sys
  0xF7773000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0xF7216000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0xF63DB000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0xF7783000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0xF7793000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0xF78E3000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0xF63CA000 \SystemRoot\system32\DRIVERS\psched.sys
  0xF77A3000 \SystemRoot\system32\DRIVERS\msgpc.sys
  0xF78EB000 \SystemRoot\system32\DRIVERS\ptilink.sys
  0xF78F3000 \SystemRoot\system32\DRIVERS\raspti.sys
  0xF77B3000 \SystemRoot\system32\DRIVERS\termdd.sys
  0xF77C3000 \SystemRoot\system32\DRIVERS\VClone.sys
  0xF63B2000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
  0xF7B3D000 \SystemRoot\system32\DRIVERS\swenum.sys
  0xF638F000 \SystemRoot\system32\DRIVERS\ks.sys
  0xF6331000 \SystemRoot\system32\DRIVERS\update.sys
  0xF7AAB000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0xF7953000 \SystemRoot\system32\DRIVERS\btport.sys
  0xF6C05000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0xA8890000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0xA8880000 \SystemRoot\system32\DRIVERS\redbook.sys
  0xA61BD000 \SystemRoot\system32\drivers\RtkHDAud.sys
  0xA6199000 \SystemRoot\system32\drivers\portcls.sys
  0xA8537000 \SystemRoot\system32\drivers\drmk.sys
  0xA8517000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0xF7BA3000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0xA778C000 \SystemRoot\System32\Drivers\Null.SYS
  0xF7BA5000 \SystemRoot\System32\Drivers\Beep.SYS
  0xA8740000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0xA8738000 \SystemRoot\System32\drivers\vga.sys
  0xF7BA7000 \SystemRoot\System32\Drivers\mnmdd.SYS
  0xF7BA9000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0xA8730000 \SystemRoot\System32\Drivers\Msfs.SYS
  0xA8728000 \SystemRoot\System32\Drivers\Npfs.SYS
  0xA6690000 \SystemRoot\system32\DRIVERS\rasacd.sys
  0xA606C000 \SystemRoot\system32\DRIVERS\ipsec.sys
  0xA6013000 \SystemRoot\system32\DRIVERS\tcpip.sys
  0xA5FEB000 \SystemRoot\system32\DRIVERS\netbt.sys
  0xA5FA1000 \SystemRoot\System32\drivers\afd.sys
  0xA5F7B000 \SystemRoot\system32\DRIVERS\ipnat.sys
  0xA8507000 \SystemRoot\system32\DRIVERS\netbios.sys
  0xA5F50000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0xA5EE0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0xA84F7000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0xA84D7000 \SystemRoot\System32\Drivers\Fips.SYS
  0xA4814000 \SystemRoot\System32\Drivers\RTS5121.sys
  0xA66DC000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
  0x9EADF000 \SystemRoot\System32\Drivers\Fastfat.SYS
  0x9EA17000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0xBF800000 \SystemRoot\System32\win32k.sys
  0x9F925000 \SystemRoot\System32\drivers\Dxapi.sys
  0x9F808000 \SystemRoot\System32\watchdog.sys
  0xBF000000 \SystemRoot\System32\drivers\dxg.sys
  0xF7D16000 \SystemRoot\System32\drivers\dxgthk.sys
  0xBF024000 \SystemRoot\System32\igxpgd32.dll
  0xBF012000 \SystemRoot\System32\igxprd32.dll
  0xBF04F000 \SystemRoot\System32\igxpdv32.DLL
  0xBF1E7000 \SystemRoot\System32\igxpdx32.DLL
  0xBF47A000 \SystemRoot\System32\ATMFD.DLL
  0xF722A000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x9E9EA000 \SystemRoot\system32\DRIVERS\mrxdav.sys
  0x9E9AD000 \SystemRoot\system32\drivers\wdmaud.sys
  0x9F2F6000 \SystemRoot\system32\drivers\sysaudio.sys
  0x9E773000 \SystemRoot\system32\DRIVERS\srv.sys
  0xF77E3000 \SystemRoot\System32\Drivers\Cdfs.SYS
  0x9E16A000 \SystemRoot\System32\Drivers\HTTP.sys
  0x9DECE000 \??\C:\DOKUME~1\***\LOKALE~1\Temp\axloquob.sys
  0x9DE42000 \SystemRoot\system32\DRIVERS\RT2860.sys
  0x9DD4C000 \SystemRoot\system32\drivers\kmixer.sys
  0x7C910000 \WINDOWS\system32\ntdll.dll

Processes (total 41):
       0 System Idle Process
       4 System
     744 C:\WINDOWS\system32\smss.exe
     792 csrss.exe
     816 C:\WINDOWS\system32\winlogon.exe
     860 C:\WINDOWS\system32\services.exe
     872 C:\WINDOWS\system32\lsass.exe
    1024 C:\WINDOWS\system32\svchost.exe
    1084 svchost.exe
    1124 C:\WINDOWS\system32\svchost.exe
    1148 C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    1204 svchost.exe
    1284 svchost.exe
    1516 C:\WINDOWS\system32\spoolsv.exe
    1616 svchost.exe
    1848 C:\WINDOWS\explorer.exe
    1988 C:\Programme\Java\jre6\bin\jqs.exe
    2020 C:\Programme\System Control Manager\MSIService.exe
     160 C:\WINDOWS\system32\PSIService.exe
     200 C:\Programme\Cyberlink\Shared files\RichVideo.exe
     244 C:\WINDOWS\system32\svchost.exe
    1840 C:\WINDOWS\system32\igfxtray.exe
    1884 C:\WINDOWS\system32\hkcmd.exe
    1868 C:\WINDOWS\system32\igfxpers.exe
     144 C:\WINDOWS\system32\igfxsrvc.exe
    2040 C:\WINDOWS\RTHDCPL.exe
    1704 C:\Programme\Synaptics\SynTP\SynTPEnh.exe
    1448 C:\Programme\System Control Manager\MGSysCtrl.exe
     976 C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
     520 C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
     664 C:\Programme\Winamp\winampa.exe
    1556 C:\Programme\fotokasten comfort - Tchibo Edition\dd.exe
    1348 C:\WINDOWS\system32\wbem\unsecapp.exe
    1372 C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    1400 C:\WINDOWS\system32\ctfmon.exe
    1432 wmiprvse.exe
    2208 C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
    2336 alg.exe
    2400 C:\WINDOWS\system32\wscntfy.exe
    2540 C:\WINDOWS\system32\wbem\wmiapsrv.exe
    2344 C:\Dokumente und Einstellungen\***\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000021`7a521200  (FAT32)

PhysicalDrive0 Model Number: ST9160310AS, Rev: SD03    

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
            SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11


Done!

Danke und Gruß,
Lois

 

Themen zu "Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?
0x00000001, askbar, converter, disabletaskmgr, festplatte, flash player, geliefert, homepage, iexplore.exe, infizierte dateien, jar_cache, microsoft office word, nicht sicher, office 2007, plug-in, pum.hijack.taskmanager, realtek, schwarzer desktop, security update, shell32.dll, software, trojan.fakealert, trojan.fakealert.gen, usb 2.0, windows, windows internet, zugriff verweigert


« Metropolitan-Police Trojaner mit Systemwiederherstellung erfolgreich gelöscht? | Recovery-Opfer nach malware geht es wie mit otl weiter »


Ähnliche Themen: "Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?


  1. "Fehler: Server nicht gefunden" immer noch nach "WAJAM.A.1"-Befall
    Plagegeister aller Art und deren Bekämpfung - 05.11.2014 (15)
  2. Vermutlich Adware probleme - "synzmetr.exe ; frag-den-doc.de ; evtl. noch mehr"
    Plagegeister aller Art und deren Bekämpfung - 25.07.2014 (15)
  3. Windows 8.1: Bitdefender Fund "gen.variant.symmi.[NUMMER]" Kann nicht entfernt werden.
    Log-Analyse und Auswertung - 16.02.2014 (2)
  4. Malwarebytes hat "Babylon" entdeckt und beseitigt, ist mein Rechner jetzt sauber?
    Plagegeister aller Art und deren Bekämpfung - 13.10.2013 (15)
  5. Laptop nach GVU-Trojaner Befall wieder am Laufen aber bestimmt noch nicht "sauber"
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (11)
  6. Notebook bootet nicht, Fehlermeldung "windows\system 32\drivers\aswRvrt.sys" "status: 0Xc0000221"
    Plagegeister aller Art und deren Bekämpfung - 18.06.2013 (17)
  7. "C:\Windows\assembly\GAC_MSIL\Desktop.ini" kann nicht entfernt werden!
    Log-Analyse und Auswertung - 11.04.2012 (2)
  8. "Data Restore" entfernt - Rechner komplett sauber?
    Log-Analyse und Auswertung - 09.04.2012 (20)
  9. "Windows nicht mehr sicher" Trojaner/Virus entfernt?
    Plagegeister aller Art und deren Bekämpfung - 12.03.2012 (1)
  10. Nicht sicher, ob PC nach "System Fix" Entfernung wieder "sauber"
    Log-Analyse und Auswertung - 07.01.2012 (18)
  11. Überbleibsel des "Bundespolizei"/"Windows System Recovery" -Trojaners
    Log-Analyse und Auswertung - 25.11.2011 (47)
  12. "Malware Protection" entfernt und nun "Windows Vista Restore" und diverse Festplattenwarnungen
    Plagegeister aller Art und deren Bekämpfung - 17.06.2011 (28)
  13. PC clean? "Windows 7 Recovery " entfernt mit Trojaner-Board Anleitung
    Log-Analyse und Auswertung - 01.06.2011 (12)
  14. "Recovery"- und"Bundeskriminalamt"-Malware; Rkill und Malwarebytes öffnen sich nicht
    Plagegeister aller Art und deren Bekämpfung - 29.05.2011 (9)
  15. "Recovery"- und"Bundeskriminalamt"-Malware; Rkill und Malwarebytes öffnen sich nicht
    Antiviren-, Firewall- und andere Schutzprogramme - 29.05.2011 (2)
  16. "Stutter.X,"Windows XP recovery"-Aufforderung, "Festplatte beschädigt"-Meldung, Bildschrim schwarz,
    Log-Analyse und Auswertung - 28.05.2011 (20)
  17. Malwarebytes meldung "Security.Hijack" evtl. TrojanSpy:Win32/Bebloh.A infektion
    Plagegeister aller Art und deren Bekämpfung - 14.05.2010 (19)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber? - Hi Arne, here we go: GMER log: Code: Alles auswählen Aufklappen ATTFilter GMER 1.0.15.15640 - hxxp://www.gmer.net Rootkit scan 2011-06-23 12:02:09 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST916031 rev.SD03 - "Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber?...
Archiv
Du betrachtest: "Windows Recovery" mit Malwarebytes entfernt -- Notebook evtl. noch nicht sauber? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19