Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Yontoo 1.10.02, RootKitAccess

Yontoo 1.10.02, RootKitAccess


Plagegeister aller Art und deren Bekämpfung: Yontoo 1.10.02, RootKitAccess

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 4 von 4 « Erste 23 4
Alt 07.04.2013, 20:50   #46
aharonov
/// TB-Ausbilder
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Ok, dann:


Lade dir bitte BlitzBlank (von Emsisoft) herunter und speichere es auf den Desktop.
  • Starte die BlitzBlank.exe und bestätige die Warnung mit OK.
  • Wechsle in den Reiter Script.
  • Kopiere nun folgenden Inhalt aus der Codebox und füge ihn ins Textfeld von BlitzBlank ein:
    (Wichtig: Falls du deinen Benutzernamen unkenntlich gemacht hast (z.B. durch ***), dann mach das hier im Skript wieder rückgängig.)
    Code:
    ATTFilter
    DeleteFolder:
C:\028400ff82ebe131fa4ddb
C:\04f306920f957153640e166e24
C:\1070ab2172b984fda4
C:\144a34f9014e5a04ed565c636d
C:\29bd94c6368a461105db
C:\2c5bc8a548f55b6e74166070e2
C:\37d7b130e47b51ef6ab1b4a7a893bda5
C:\3ce31d4563a9032f7a1695dc91
C:\41322c52a401c9771995
C:\497c50009f4d943ea04e
C:\4c95bf441978a49f4e959b9286
C:\505d135c245ac49998
C:\5079e70917c8c1ae1f
C:\530ba9c8fad932f9358a1324
C:\5d3cd820d23d38204b1f50803608
C:\630dc4c59e58d39240234ae8
C:\637779ce29fabb2b072e868c
C:\6434b20709812de8465309a0de
C:\72ee744f4ea283cefa9ea2
C:\788a1c8d5697a210a7
C:\7909414813e615744eac
C:\79a538ecf621240df134
C:\82d0d7a58f91d6f543d33d
C:\86cc027f15c92c73789210e35360ba
C:\87bfbef07d97463aaa26979f943585aa
C:\87cb6e9bf70b6adda316d2a93226853a
C:\9383f6469f2b42ffcc43bcc2
C:\9448ee8ea0acdbb7f0d0217900
C:\977b324f966c710b3a2ca9706a7b254d
C:\a57ebd56f0ff7aea7d446a396bbb
C:\a61cb58f46d80aaf6874a7ab8c609e
C:\a9e57554d4565affc23c
C:\ad7961677f5c4817098ff628804a
C:\b3932403f1f740cef70ba005
C:\b44e8dc639c80aeac0a076cb7e
C:\c00f737d3b6ba838f4
C:\c8615056f13303404f
C:\d6b0378eabefe90263ce1478b92796
C:\e2f4d2fbe0b96c60f45f0d
C:\e486b76e32143330e605fbabdb
C:\eceedb9faf0ada27dfc1d456fa
C:\efb932a808458c293935c879f422d675
C:\f24f6388f31fd1971adbb8
C:\f2f891b9c806289f198083
C:\f463bd2e88e7bd909ad379f4a1
C:\fb2ce738514d20f2b6f3c6f8
C:\fe1c11490544867598f939a27c8a0f
  • Schliesse jetzt alle anderen laufenden Programme und Anwendungen.
  • Drücke dann auf Jetzt ausführen.
  • Bestätige die Warnung und den Neustart jeweils mit OK. Der Rechner wird neu gestartet.
  • Nach dem Neustart findest du ein Logfile unter C:\blitzblank.log. Poste dessen Inhalt bitte hier in deinen Thread.
__________________
cheers,
Leo

Alt 07.04.2013, 21:45   #47
SMC36
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Hallo!

Hier der BlitzBlank-Logfile:

Code:
ATTFilter
BlitzBlank 1.0.0.32

File/Registry Modification Engine native application
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\028400ff82ebe131fa4ddb", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\028400ff82ebe131fa4ddb\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\028400ff82ebe131fa4ddb\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\028400ff82ebe131fa4ddb\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\04f306920f957153640e166e24", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\04f306920f957153640e166e24\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\04f306920f957153640e166e24\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\04f306920f957153640e166e24\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\1070ab2172b984fda4", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\1070ab2172b984fda4\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\1070ab2172b984fda4\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\1070ab2172b984fda4\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\144a34f9014e5a04ed565c636d", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\144a34f9014e5a04ed565c636d\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\144a34f9014e5a04ed565c636d\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\144a34f9014e5a04ed565c636d\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\29bd94c6368a461105db", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\29bd94c6368a461105db\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\29bd94c6368a461105db\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\29bd94c6368a461105db\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\2c5bc8a548f55b6e74166070e2", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\2c5bc8a548f55b6e74166070e2\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\2c5bc8a548f55b6e74166070e2\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\2c5bc8a548f55b6e74166070e2\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\37d7b130e47b51ef6ab1b4a7a893bda5", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\37d7b130e47b51ef6ab1b4a7a893bda5\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\37d7b130e47b51ef6ab1b4a7a893bda5\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\37d7b130e47b51ef6ab1b4a7a893bda5\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\3ce31d4563a9032f7a1695dc91", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\3ce31d4563a9032f7a1695dc91\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\3ce31d4563a9032f7a1695dc91\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\3ce31d4563a9032f7a1695dc91\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\41322c52a401c9771995", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\41322c52a401c9771995\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\41322c52a401c9771995\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\41322c52a401c9771995\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\497c50009f4d943ea04e", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\497c50009f4d943ea04e\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\497c50009f4d943ea04e\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\497c50009f4d943ea04e\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\4c95bf441978a49f4e959b9286", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\4c95bf441978a49f4e959b9286\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\4c95bf441978a49f4e959b9286\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\4c95bf441978a49f4e959b9286\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\505d135c245ac49998", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\505d135c245ac49998\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\505d135c245ac49998\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\505d135c245ac49998\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5079e70917c8c1ae1f", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5079e70917c8c1ae1f\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5079e70917c8c1ae1f\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5079e70917c8c1ae1f\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\530ba9c8fad932f9358a1324", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\530ba9c8fad932f9358a1324\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\530ba9c8fad932f9358a1324\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\530ba9c8fad932f9358a1324\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5d3cd820d23d38204b1f50803608", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5d3cd820d23d38204b1f50803608\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5d3cd820d23d38204b1f50803608\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\5d3cd820d23d38204b1f50803608\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\630dc4c59e58d39240234ae8", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\630dc4c59e58d39240234ae8\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\630dc4c59e58d39240234ae8\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\630dc4c59e58d39240234ae8\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\637779ce29fabb2b072e868c", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\637779ce29fabb2b072e868c\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\637779ce29fabb2b072e868c\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\637779ce29fabb2b072e868c\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\6434b20709812de8465309a0de", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\6434b20709812de8465309a0de\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\6434b20709812de8465309a0de\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\6434b20709812de8465309a0de\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\72ee744f4ea283cefa9ea2", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\72ee744f4ea283cefa9ea2\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\72ee744f4ea283cefa9ea2\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\72ee744f4ea283cefa9ea2\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\788a1c8d5697a210a7", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\788a1c8d5697a210a7\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\788a1c8d5697a210a7\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\788a1c8d5697a210a7\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\7909414813e615744eac", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\7909414813e615744eac\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\7909414813e615744eac\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\7909414813e615744eac\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\79a538ecf621240df134", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\79a538ecf621240df134\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\79a538ecf621240df134\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\79a538ecf621240df134\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\82d0d7a58f91d6f543d33d", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\82d0d7a58f91d6f543d33d\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\82d0d7a58f91d6f543d33d\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\82d0d7a58f91d6f543d33d\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\86cc027f15c92c73789210e35360ba", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\86cc027f15c92c73789210e35360ba\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\86cc027f15c92c73789210e35360ba\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\86cc027f15c92c73789210e35360ba\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87bfbef07d97463aaa26979f943585aa", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87bfbef07d97463aaa26979f943585aa\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87bfbef07d97463aaa26979f943585aa\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87bfbef07d97463aaa26979f943585aa\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87cb6e9bf70b6adda316d2a93226853a", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87cb6e9bf70b6adda316d2a93226853a\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87cb6e9bf70b6adda316d2a93226853a\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\87cb6e9bf70b6adda316d2a93226853a\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9383f6469f2b42ffcc43bcc2", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9383f6469f2b42ffcc43bcc2\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9383f6469f2b42ffcc43bcc2\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9383f6469f2b42ffcc43bcc2\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9448ee8ea0acdbb7f0d0217900", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9448ee8ea0acdbb7f0d0217900\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9448ee8ea0acdbb7f0d0217900\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\9448ee8ea0acdbb7f0d0217900\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\977b324f966c710b3a2ca9706a7b254d", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\977b324f966c710b3a2ca9706a7b254d\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\977b324f966c710b3a2ca9706a7b254d\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\977b324f966c710b3a2ca9706a7b254d\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a57ebd56f0ff7aea7d446a396bbb", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a57ebd56f0ff7aea7d446a396bbb\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a57ebd56f0ff7aea7d446a396bbb\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a57ebd56f0ff7aea7d446a396bbb\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a61cb58f46d80aaf6874a7ab8c609e", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a61cb58f46d80aaf6874a7ab8c609e\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a61cb58f46d80aaf6874a7ab8c609e\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a61cb58f46d80aaf6874a7ab8c609e\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a9e57554d4565affc23c", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a9e57554d4565affc23c\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a9e57554d4565affc23c\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\a9e57554d4565affc23c\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\ad7961677f5c4817098ff628804a", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\ad7961677f5c4817098ff628804a\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\ad7961677f5c4817098ff628804a\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\ad7961677f5c4817098ff628804a\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b3932403f1f740cef70ba005", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b3932403f1f740cef70ba005\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b3932403f1f740cef70ba005\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b3932403f1f740cef70ba005\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b44e8dc639c80aeac0a076cb7e", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b44e8dc639c80aeac0a076cb7e\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b44e8dc639c80aeac0a076cb7e\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\b44e8dc639c80aeac0a076cb7e\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c00f737d3b6ba838f4", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c00f737d3b6ba838f4\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c00f737d3b6ba838f4\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c00f737d3b6ba838f4\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c8615056f13303404f", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c8615056f13303404f\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c8615056f13303404f\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\c8615056f13303404f\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\d6b0378eabefe90263ce1478b92796", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\d6b0378eabefe90263ce1478b92796\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\d6b0378eabefe90263ce1478b92796\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\d6b0378eabefe90263ce1478b92796\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e2f4d2fbe0b96c60f45f0d", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e2f4d2fbe0b96c60f45f0d\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e2f4d2fbe0b96c60f45f0d\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e2f4d2fbe0b96c60f45f0d\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e486b76e32143330e605fbabdb", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e486b76e32143330e605fbabdb\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e486b76e32143330e605fbabdb\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\e486b76e32143330e605fbabdb\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\eceedb9faf0ada27dfc1d456fa", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\eceedb9faf0ada27dfc1d456fa\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\eceedb9faf0ada27dfc1d456fa\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\eceedb9faf0ada27dfc1d456fa\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\efb932a808458c293935c879f422d675", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\efb932a808458c293935c879f422d675\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\efb932a808458c293935c879f422d675\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\efb932a808458c293935c879f422d675\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f24f6388f31fd1971adbb8", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f24f6388f31fd1971adbb8\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f24f6388f31fd1971adbb8\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f24f6388f31fd1971adbb8\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f2f891b9c806289f198083", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f2f891b9c806289f198083\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f2f891b9c806289f198083\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f2f891b9c806289f198083\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f463bd2e88e7bd909ad379f4a1", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f463bd2e88e7bd909ad379f4a1\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f463bd2e88e7bd909ad379f4a1\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\f463bd2e88e7bd909ad379f4a1\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fb2ce738514d20f2b6f3c6f8", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fb2ce738514d20f2b6f3c6f8\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fb2ce738514d20f2b6f3c6f8\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fb2ce738514d20f2b6f3c6f8\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fe1c11490544867598f939a27c8a0f", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fe1c11490544867598f939a27c8a0f\bProtectorForWindows", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fe1c11490544867598f939a27c8a0f\bProtectorForWindows\2.2.463.83", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\fe1c11490544867598f939a27c8a0f\searchplugins", destinationDirectory = "(null)", replaceWithDummy = 0
O.K.?

SMC36
__________________
Alt 07.04.2013, 21:54   #48
aharonov
/// TB-Ausbilder
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


OK, bestehen jetzt im Moment noch Probleme auf dem Rechner?
__________________
__________________
Alt 08.04.2013, 17:10   #49
SMC36
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Zitat:
Zitat von aharonov Beitrag anzeigen
OK, bestehen jetzt im Moment noch Probleme auf dem Rechner?
Hallo!

Ich habe noch 6 solcher Ordner (bprotector? "Zugriff verweigert") auf dem C-Boot, die offensichtlich nicht gelöscht wurden. Muss ich das noch nachholen?

Ansonsten ist wohl alles o.k.

Grüße
SMC36

Alt 08.04.2013, 17:11   #50
aharonov
/// TB-Ausbilder
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
dir /a/b "C:\" /c
c:|bprotector;true;true;true /FP
  • Schliesse bitte alle anderen Programme.
  • Klicke nun auf None (deutsch "Nichts") und danach auf den Scan Button.
  • Kopiere danach den Inhalt der OTL.txt hier in deinen Thread.

__________________
cheers,
Leo
Geändert von aharonov (08.04.2013 um 17:48 Uhr)

Alt 08.04.2013, 20:14   #51
SMC36
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Hallo!
PC ist beim OTL-Scan abgestürzt. Soll ich den Scan nochmal probieren?
Grüße
SMC36

Alt 08.04.2013, 20:19   #52
aharonov
/// TB-Ausbilder
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Ja, versuch es bitte noch einmal.
__________________
cheers,
Leo

Alt 09.04.2013, 13:12   #53
SMC36
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Hallo!

Der OTL-Scan:

Code:
ATTFilter
OTL logfile created on: 09.04.2013 13:53:20 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Stefan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 37,95% Memory free
4,21 Gb Paging File | 2,73 Gb Available in Paging File | 64,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 122,59 Gb Total Space | 73,76 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Drive D: | 26,45 Gb Total Space | 17,17 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
 
Computer Name: STEFAN-PC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Custom Scans ==========
 
< dir /a/b "C:\" /c >
$RECYCLE.BIN
2438174a4b512dea4ce3950edb
6f14471a14ed234dbe95db0655c274ce
885e2c574b6663e090
8e22877e5abde1486614352ccfe3fc
autoexec.bat
b173c7f3ba70a278ece0
blitzblank.log
Boot
bootmgr
BOOTSECT.BAK
chatzum_nt.exe
config.sys
DelFix.txt
Documents and Settings
Dokumente und Einstellungen
ea13a4c05e4f60363acc2b
eula.1031.txt
found.000
found.001
Fraps
Games
GAMIGO
globdata.ini
HbUser
install.ini
install.res.1031.dll
Intel
IO.SYS
MSDOS.SYS
MSOCache
NET.INI
pagefile.sys
pcwdbg.log
PDVD.iss
PerfLogs
Program Files
ProgramData
Programme
searchplugins
System Volume Information
T-Online_Software_6
Team17
temp
TO_InstallLog.txt
ugdiqpob.sys
Users
vcredist.bmp
VC_RED.cab
VC_RED.MSI
Windows
_OTL
 
< c:|bprotector;true;true;true /FP >
[2013.04.05 19:59:17 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_bProtectorForWindows
[2012.09.18 10:56:18 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:17 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_\bProtectorForWindows
[2012.11.23 17:51:31 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_028400ff82ebe131fa4ddb\bProtectorForWindows
[2012.09.25 13:45:33 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_04f306920f957153640e166e24\bProtectorForWindows
[2012.11.20 17:06:19 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_1070ab2172b984fda4\bProtectorForWindows
[2012.09.11 14:26:38 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_144a34f9014e5a04ed565c636d\bProtectorForWindows
[2012.07.28 09:54:14 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_29bd94c6368a461105db\bProtectorForWindows
[2013.01.05 14:52:15 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_2c5bc8a548f55b6e74166070e2\bProtectorForWindows
[2012.09.21 17:29:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_37d7b130e47b51ef6ab1b4a7a893bda5\bProtectorForWindows
[2012.10.05 14:29:48 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_3ce31d4563a9032f7a1695dc91\bProtectorForWindows
[2012.09.04 14:03:17 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_41322c52a401c9771995\bProtectorForWindows
[2012.10.19 17:47:53 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_497c50009f4d943ea04e\bProtectorForWindows
[2012.07.17 15:57:42 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_4c95bf441978a49f4e959b9286\bProtectorForWindows
[2012.10.19 17:48:25 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_505d135c245ac49998\bProtectorForWindows
[2013.01.18 11:52:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_5079e70917c8c1ae1f\bProtectorForWindows
[2012.07.15 18:57:11 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_530ba9c8fad932f9358a1324\bProtectorForWindows
[2012.12.07 19:13:17 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_5d3cd820d23d38204b1f50803608\bProtectorForWindows
[2012.11.16 18:57:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_630dc4c59e58d39240234ae8\bProtectorForWindows
[2013.01.23 17:41:25 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_637779ce29fabb2b072e868c\bProtectorForWindows
[2012.10.09 14:52:04 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_6434b20709812de8465309a0de\bProtectorForWindows
[2012.10.18 20:33:57 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_72ee744f4ea283cefa9ea2\bProtectorForWindows
[2012.09.18 12:13:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_788a1c8d5697a210a7\bProtectorForWindows
[2012.09.07 10:15:40 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_7909414813e615744eac\bProtectorForWindows
[2012.07.26 13:13:08 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_79a538ecf621240df134\bProtectorForWindows
[2012.11.02 16:59:10 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_82d0d7a58f91d6f543d33d\bProtectorForWindows
[2012.08.03 11:34:07 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_86cc027f15c92c73789210e35360ba\bProtectorForWindows
[2012.12.01 10:19:26 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_87bfbef07d97463aaa26979f943585aa\bProtectorForWindows
[2012.11.13 18:00:12 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_87cb6e9bf70b6adda316d2a93226853a\bProtectorForWindows
[2012.07.20 15:06:36 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_9383f6469f2b42ffcc43bcc2\bProtectorForWindows
[2012.11.09 18:04:18 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_9448ee8ea0acdbb7f0d0217900\bProtectorForWindows
[2012.07.10 14:10:15 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_977b324f966c710b3a2ca9706a7b254d\bProtectorForWindows
[2012.10.02 13:05:08 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_a57ebd56f0ff7aea7d446a396bbb\bProtectorForWindows
[2012.08.01 15:44:12 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_a61cb58f46d80aaf6874a7ab8c609e\bProtectorForWindows
[2012.10.23 15:57:57 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_a9e57554d4565affc23c\bProtectorForWindows
[2013.01.03 21:58:39 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_ad7961677f5c4817098ff628804a\bProtectorForWindows
[2012.08.17 19:14:37 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_b3932403f1f740cef70ba005\bProtectorForWindows
[2012.11.06 12:06:58 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_b44e8dc639c80aeac0a076cb7e\bProtectorForWindows
[2012.08.24 12:53:26 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_c00f737d3b6ba838f4\bProtectorForWindows
[2012.12.19 15:53:37 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_c8615056f13303404f\bProtectorForWindows
[2012.12.30 21:11:52 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_d6b0378eabefe90263ce1478b92796\bProtectorForWindows
[2012.08.30 09:07:39 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_e2f4d2fbe0b96c60f45f0d\bProtectorForWindows
[2012.09.28 13:57:45 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_e486b76e32143330e605fbabdb\bProtectorForWindows
[2012.09.06 11:13:43 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_eceedb9faf0ada27dfc1d456fa\bProtectorForWindows
[2013.01.08 18:38:37 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_efb932a808458c293935c879f422d675\bProtectorForWindows
[2012.11.16 19:03:03 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_f24f6388f31fd1971adbb8\bProtectorForWindows
[2012.10.12 14:28:00 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_f2f891b9c806289f198083\bProtectorForWindows
[2012.08.21 10:20:34 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_f463bd2e88e7bd909ad379f4a1\bProtectorForWindows
[2012.08.31 12:16:38 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_fb2ce738514d20f2b6f3c6f8\bProtectorForWindows
[2012.10.30 15:55:46 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_fe1c11490544867598f939a27c8a0f\bProtectorForWindows
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Fraps\bProtectorForWindows
[2012.07.08 19:46:44 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Fraps\bProtectorForWindows\2.1.419.7
[2012.09.04 15:12:01 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Fraps\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_GAMIGO\LastChaosGER\bProtectorForWindows
[2012.07.09 16:32:14 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_GAMIGO\LastChaosGER\bProtectorForWindows\2.1.419.7
[2012.07.09 16:32:14 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_GAMIGO\LastChaosGER\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Common Files\Mcafee\HackerWatch\bProtectorForWindows
[2012.07.09 13:02:34 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Common Files\Mcafee\HackerWatch\bProtectorForWindows\2.1.419.7
[2012.07.11 13:53:28 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Common Files\Mcafee\HackerWatch\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Common Files\Mcafee\McSvcHost\bProtectorForWindows
[2012.07.09 13:00:26 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Common Files\Mcafee\McSvcHost\bProtectorForWindows\2.1.419.7
[2012.07.09 15:34:54 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Common Files\Mcafee\McSvcHost\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\EA Games\bProtectorForWindows
[2012.08.17 19:29:19 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\EA Games\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\EA Games\Need for Speed Underground 2\bProtectorForWindows
[2012.08.22 12:13:20 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\EA Games\Need for Speed Underground 2\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\EA Games\NFS Underground\bProtectorForWindows
[2012.09.25 19:20:49 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\EA Games\NFS Underground\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Electronic Arts\Need For Speed III\3dSetup\bProtectorForWindows
[2012.11.09 20:06:50 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Electronic Arts\Need For Speed III\3dSetup\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Google\bProtectorForWindows
[2012.11.26 18:21:39 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Google\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Google\Picasa3\bProtectorForWindows
[2012.09.22 20:49:45 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Google\Picasa3\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Malwarebytes' Anti-Malware\bProtectorForWindows
[2012.09.04 14:46:29 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Malwarebytes' Anti-Malware\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Maxis\Die Sims\bProtectorForWindows
[2012.07.22 13:00:49 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Maxis\Die Sims\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:21 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MPF\bProtectorForWindows
[2012.07.29 13:18:33 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MPF\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MPS\bProtectorForWindows
[2012.09.22 15:02:09 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MPS\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MQS\bProtectorForWindows
[2012.09.22 15:02:15 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MQS\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MSC\bProtectorForWindows
[2012.07.09 13:02:29 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MSC\bProtectorForWindows\2.1.419.7
[2012.07.11 13:52:32 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\MSC\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\SiteAdvisor\bProtectorForWindows
[2012.07.22 12:09:04 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\SiteAdvisor\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\VirusScan\bProtectorForWindows
[2012.07.09 13:02:32 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\VirusScan\bProtectorForWindows\2.1.419.7
[2012.07.11 13:53:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee\VirusScan\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee.com\Agent\bProtectorForWindows
[2012.07.09 13:02:29 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee.com\Agent\bProtectorForWindows\2.1.419.7
[2012.07.09 16:31:53 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\McAfee.com\Agent\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\PC Performer\bProtectorForWindows
[2012.07.09 15:30:15 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\PC Performer\bProtectorForWindows\2.1.419.7
[2012.07.09 15:30:14 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\PC Performer\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Samsung\Samsung New PC Studio\bProtectorForWindows
[2012.09.22 16:33:34 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Samsung\Samsung New PC Studio\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\T-Online\T-Online_Software_6\Banking\bProtectorForWindows
[2012.09.21 21:25:32 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\T-Online\T-Online_Software_6\Banking\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\T-Online\T-Online_Software_6\Browser\bProtectorForWindows
[2012.09.22 20:47:17 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\T-Online\T-Online_Software_6\Browser\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\TuneUp Utilities 2011\bProtectorForWindows
[2012.07.30 17:07:44 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\TuneUp Utilities 2011\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Ubisoft\Detection\bProtectorForWindows
[2012.09.11 11:35:14 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Ubisoft\Detection\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Ubisoft\Register\bProtectorForWindows
[2012.09.11 11:26:29 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Program Files\Ubisoft\Register\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\c_ProgramData\bProtectorForWindows
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\c_ProgramData\bProtectorForWindows\2.6.1125.80
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\c_ProgramData\Electronic Arts\Need For Speed World\bProtectorForWindows
[2012.08.31 11:59:47 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\c_ProgramData\Electronic Arts\Need For Speed World\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\c_ProgramData\T-Online\T-Online_Software_6\Basis-Software\update\clone\bProtectorForWindows
[2012.09.21 21:25:22 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\c_ProgramData\T-Online\T-Online_Software_6\Basis-Software\update\clone\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Team17\Worms 3D\bProtectorForWindows
[2012.10.12 14:22:33 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Team17\Worms 3D\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\Aldi Süd Foto Service\bProtectorForWindows
[2012.09.22 14:44:00 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\Aldi Süd Foto Service\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\McAfee Online Backup\bProtectorForWindows
[2012.10.02 11:13:25 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\McAfee Online Backup\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\bProtectorForWindows
[2012.07.30 16:24:05 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Windows\bProtectorForWindows
[2012.10.21 16:54:00 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\AppData\Local\VirtualStore\Windows\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Documents\Pfarrei Hl. Engel\bProtectorForWindows
[2013.01.26 18:55:18 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Documents\Pfarrei Hl. Engel\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Documents\Privat\bProtectorForWindows
[2012.12.11 19:56:56 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Documents\Privat\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Downloads\bProtectorForWindows
[2013.01.05 14:42:51 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Downloads\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Pictures\bProtectorForWindows
[2012.10.09 16:47:45 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Pictures\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:23 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Pictures\Diashow Stefan\bProtectorForWindows
[2012.09.22 17:12:02 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Pictures\Diashow Stefan\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:24 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Videos\bProtectorForWindows
[2012.10.10 16:49:58 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\EMail und InterNet\Videos\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:24 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\Public\Pictures\Sample Pictures\bProtectorForWindows
[2012.12.20 22:12:03 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\Public\Pictures\Sample Pictures\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:24 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\Stefan\AppData\Local\VirtualStore\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\bProtectorForWindows
[2012.07.19 20:03:31 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\Stefan\AppData\Local\VirtualStore\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:24 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\Stefan\Downloads\bProtectorForWindows
[2012.09.04 15:11:37 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Users\Stefan\Downloads\bProtectorForWindows\2.2.463.83
[2013.04.05 19:59:24 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Windows\Microsoft.NET\Framework\v4.0.30319\bProtectorForWindows
[2012.11.16 18:59:13 | 000,000,000 | ---D | M] -- c:\_OTL\MovedFiles\04052013_195914\C_Windows\Microsoft.NET\Framework\v4.0.30319\bProtectorForWindows\2.2.463.83
[2013.03.21 13:03:13 | 000,003,338 | ---- | M] () -- c:\_OTL\MovedFiles\04052013_195914\C_Windows\System32\Tasks\bProtector
 
<           >

< End of report >
Was sagst du zum Scan?

Grüße
SMC36

Alt 09.04.2013, 13:35   #54
aharonov
/// TB-Ausbilder
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Ok, die gefundenen bprotector sind alle bereits in Quarantäne. Der ist weg.
Falls von deiner Seite nichts mehr offen ist, können wir das Thema beenden.
__________________
cheers,
Leo

Alt 09.04.2013, 17:18   #55
SMC36
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Wunderbar, Leo!
Nochmals danke für deine Hilfe, deine Tipps und deine Geduld.
Alles Gute für dich und euer Team!

Viele Grüße
SMC36

Alt 09.04.2013, 17:19   #56
aharonov
/// TB-Ausbilder
 
Yontoo 1.10.02, RootKitAccess - Standard

Yontoo 1.10.02, RootKitAccess


Prima, dann noch einmal delfix und das wär's.

Downloade dir bitte delfix auf deinen Desktop.
  • Schliesse alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • DelFix entfernt u.a. alle von uns verwendeten Programme und löscht sich anschliessend selbst.
    Sollte denoch etwas übrig bleiben, kannst du es manuell löschen.



Freut mich, dass wir helfen konnten.

Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun.

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort
Seite 4 von 4 « Erste 23 4

Themen zu Yontoo 1.10.02, RootKitAccess
access, bildschirm, browser, compu, daten, empfehlung, entdeck, entdeckt, forum, gefunde, infiziert., malware, möglicherweise, namen, neu, ordner, retten, rootkitaccess, sofort, stehe, verbindung, vermute, vermutet, versucht, werbung, wichtige, yontoo 1.10.02, zerstören


« Habe Archiv entpackt und nun gesehen da sind Viren drinne, Problem? | 1und1 Warnmail wegen Zeus Trojaner »


Ähnliche Themen: Yontoo 1.10.02, RootKitAccess


  1. Pup.Optional.Yontoo
    Plagegeister aller Art und deren Bekämpfung - 26.10.2015 (15)
  2. Yontoo 2.051 entfernen
    Log-Analyse und Auswertung - 15.06.2015 (1)
  3. Yontoo nervt
    Plagegeister aller Art und deren Bekämpfung - 04.04.2015 (16)
  4. Wie entferne ich Yontoo?
    Plagegeister aller Art und deren Bekämpfung - 29.04.2014 (10)
  5. Yontoo 2.051
    Plagegeister aller Art und deren Bekämpfung - 16.11.2013 (9)
  6. Yontoo entfernen
    Anleitungen, FAQs & Links - 31.10.2013 (2)
  7. v9.com und adware yontoo.gen
    Log-Analyse und Auswertung - 07.07.2013 (14)
  8. Sicherheitsrisiko Yontoo
    Antiviren-, Firewall- und andere Schutzprogramme - 26.06.2013 (3)
  9. wss4191.tmp und yontoo
    Plagegeister aller Art und deren Bekämpfung - 24.06.2013 (33)
  10. AdWare.IS.Yontoo.a
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (11)
  11. Wie werde ich Yontoo los?
    Log-Analyse und Auswertung - 20.05.2013 (7)
  12. Was ist Yontoo 1.10.02 für ein Programm
    Diskussionsforum - 19.05.2013 (4)
  13. Yontoo - ein ernstzunehmender Schädling?
    Plagegeister aller Art und deren Bekämpfung - 03.05.2013 (10)
  14. Yontoo 2.051 / YontooDesktop.exe*32
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (17)
  15. Yontoo 2.04 and many more..
    Log-Analyse und Auswertung - 01.03.2013 (6)
  16. ADWARE/Yontoo.E.1 gefunden
    Plagegeister aller Art und deren Bekämpfung - 14.02.2013 (15)
  17. TR/atrap.gen2 und tr/sirefef in C:\Users\Famous\AppData\Local - RootkitAccess
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (21)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Yontoo 1.10.02, RootKitAccess - Ok, dann: Lade dir bitte BlitzBlank (von Emsisoft ) herunter und speichere es auf den Desktop. Starte die BlitzBlank.exe und bestätige die Warnung mit OK . Wechsle in den Reiter - Yontoo 1.10.02, RootKitAccess...
Archiv
Du betrachtest: Yontoo 1.10.02, RootKitAccess auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131