Log-Analyse und Auswertung: Windows 7: BKA Trojaner - Sperrbildschirm - abges. Modus startet nichtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
11.06.2014, 15:28 | #1 |
| Windows 7: BKA Trojaner - Sperrbildschirm - abges. Modus startet nicht Hallo, ich habe den Laptop eines Arbeitskollegen erhalten um dort den BKA Trojaner zu entfernen. Das hat bisher schon öfters geklappt. Bei diesem beisse ich mir jedoch die Zähne aus. Ich kann nämlich den abgesicherten Modus nicht starten... Aus diesem Grund habe ich schon einmal, wie in den Anleitungen beschrieben, FRST drüber laufen lassen. Hier mal der Output: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01 Ran by SYSTEM on MININT-IG5NB2L on 11-06-2014 16:09:59 Running from E:\ Platform: Windows 7 Ultimate (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ATTENTION!:=====> THE OPERATING SYSTEM IS A X86 SYSTEM BUT THE BOOT DISK THAT IS USED TO BOOT TO RECOVERY ENVIRONMENT IS A X64 SYSTEM DISK. The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AppMon Utility] => C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe [542560 2007-09-20] (Sony Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Winlogon: [Userinit] [X] HKLM-x32\...\Winlogon: [Shell] [ ] () <=== ATTENTION Startup: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.lnk ShortcutTarget: explorer.lnk -> C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp () Startup: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Services (Whitelisted) ================= S2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192 2012-12-18] (Adobe Systems Incorporated) S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation) S3 idsvc; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [878416 2009-06-10] (Microsoft Corporation) S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [118680 2014-05-04] (Mozilla Foundation) S3 odserv; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation) S2 Winmgmt; C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp [168821 2014-06-09] () ==================== Drivers (Whitelisted) ==================== S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) S3 E1G60; C:\Windows\System32\DRIVERS\E1G60I32.sys [118784 2009-07-13] (Intel Corporation) S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) S3 netw5v32; C:\Windows\System32\DRIVERS\netw5v32.sys [4231168 2009-07-13] (Intel Corporation) S3 R5U870FLx86; C:\Windows\System32\Drivers\R5U870FLx86.sys [73472 2013-03-02] (Ricoh) S3 R5U870FUx86; C:\Windows\System32\Drivers\R5U870FUx86.sys [43904 2013-03-02] (Ricoh) S3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Realtek Corporation ) S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Conexant Systems, Inc.) S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.) S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Conexant Systems, Inc.) S3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [818688 2013-03-02] (Texas Instruments) S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-11 16:09 - 2014-06-11 16:09 - 00000000 ____D () C:\FRST 2014-06-11 15:44 - 2014-06-11 15:44 - 00000000 ____D () C:\Temp 2014-06-11 14:55 - 2014-06-11 14:58 - 00000564 _____ () C:\ProgramData\RUNDLL32.EXE-1940-F.txt 2014-06-11 14:48 - 2014-06-11 14:51 - 00000452 _____ () C:\ProgramData\RUNDLL32.EXE-1908-F.txt 2014-06-11 14:46 - 2014-06-11 14:46 - 00000111 _____ () C:\ProgramData\RUNDLL32.EXE-1852-F.txt 2014-06-11 14:37 - 2014-06-11 14:38 - 00000174 _____ () C:\ProgramData\RUNDLL32.EXE-1708-F.txt 2014-06-11 14:36 - 2014-06-11 14:36 - 00000057 _____ () C:\ProgramData\RUNDLL32.EXE-1488-F.txt 2014-06-11 04:27 - 2014-06-11 04:29 - 00000230 _____ () C:\ProgramData\RUNDLL32.EXE-1976-F.txt 2014-06-11 04:24 - 2014-06-11 04:26 - 00000345 _____ () C:\ProgramData\RUNDLL32.EXE-1876-F.txt 2014-06-11 04:20 - 2014-06-11 04:20 - 00000058 _____ () C:\ProgramData\RUNDLL32.EXE-1924-F.txt 2014-06-11 04:14 - 2014-06-11 04:18 - 00000512 _____ () C:\ProgramData\RUNDLL32.EXE-1844-F.txt 2014-06-11 04:11 - 2014-06-11 04:12 - 00000173 _____ () C:\ProgramData\RUNDLL32.EXE-1880-F.txt 2014-06-11 04:09 - 2014-06-11 04:09 - 00000057 _____ () C:\ProgramData\RUNDLL32.EXE-1888-F.txt 2014-06-11 04:07 - 2014-06-11 04:08 - 00000175 _____ () C:\ProgramData\RUNDLL32.EXE-1748-F.txt 2014-06-10 13:14 - 2014-06-10 13:14 - 00000116 _____ () C:\ProgramData\RUNDLL32.EXE-1992-F.txt 2014-06-10 08:01 - 2014-06-10 08:08 - 00001943 _____ () C:\ProgramData\RUNDLL32.EXE-592-F.txt 2014-06-09 22:06 - 2014-06-09 22:11 - 00002348 _____ () C:\ProgramData\RUNDLL32.EXE-2120-F.txt 2014-06-09 22:03 - 2014-06-09 22:03 - 00000610 _____ () C:\ProgramData\RUNDLL32.EXE-2072-F.txt 2014-06-09 22:01 - 2014-06-09 22:01 - 00000365 _____ () C:\ProgramData\RUNDLL32.EXE-2116-F.txt 2014-06-09 21:53 - 2014-06-09 21:55 - 00001334 _____ () C:\ProgramData\RUNDLL32.EXE-280-F.txt 2014-06-09 21:46 - 2014-06-09 21:46 - 00000000 ____D () C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA 2014-05-22 08:57 - 2014-05-22 08:58 - 00000000 ____D () C:\Users\Martina\AppData\Local\Microsoft Games ==================== One Month Modified Files and Folders ======= 2014-06-11 16:09 - 2014-06-11 16:09 - 00000000 ____D () C:\FRST 2014-06-11 15:44 - 2014-06-11 15:44 - 00000000 ____D () C:\Temp 2014-06-11 14:59 - 2013-03-02 21:57 - 01117419 _____ () C:\Windows\WindowsUpdate.log 2014-06-11 14:59 - 2009-07-14 05:39 - 00075385 _____ () C:\Windows\setupact.log 2014-06-11 14:59 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-11 14:59 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-11 14:58 - 2014-06-11 14:55 - 00000564 _____ () C:\ProgramData\RUNDLL32.EXE-1940-F.txt 2014-06-11 14:55 - 2013-03-02 21:55 - 00000000 ____D () C:\Users\Martina\AppData\Local\Temp 2014-06-11 14:54 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-11 14:51 - 2014-06-11 14:48 - 00000452 _____ () C:\ProgramData\RUNDLL32.EXE-1908-F.txt 2014-06-11 14:46 - 2014-06-11 14:46 - 00000111 _____ () C:\ProgramData\RUNDLL32.EXE-1852-F.txt 2014-06-11 14:38 - 2014-06-11 14:37 - 00000174 _____ () C:\ProgramData\RUNDLL32.EXE-1708-F.txt 2014-06-11 14:36 - 2014-06-11 14:36 - 00000057 _____ () C:\ProgramData\RUNDLL32.EXE-1488-F.txt 2014-06-11 04:29 - 2014-06-11 04:27 - 00000230 _____ () C:\ProgramData\RUNDLL32.EXE-1976-F.txt 2014-06-11 04:26 - 2014-06-11 04:24 - 00000345 _____ () C:\ProgramData\RUNDLL32.EXE-1876-F.txt 2014-06-11 04:20 - 2014-06-11 04:20 - 00000058 _____ () C:\ProgramData\RUNDLL32.EXE-1924-F.txt 2014-06-11 04:18 - 2014-06-11 04:14 - 00000512 _____ () C:\ProgramData\RUNDLL32.EXE-1844-F.txt 2014-06-11 04:12 - 2014-06-11 04:11 - 00000173 _____ () C:\ProgramData\RUNDLL32.EXE-1880-F.txt 2014-06-11 04:09 - 2014-06-11 04:09 - 00000057 _____ () C:\ProgramData\RUNDLL32.EXE-1888-F.txt 2014-06-11 04:08 - 2014-06-11 04:07 - 00000175 _____ () C:\ProgramData\RUNDLL32.EXE-1748-F.txt 2014-06-10 13:14 - 2014-06-10 13:14 - 00000116 _____ () C:\ProgramData\RUNDLL32.EXE-1992-F.txt 2014-06-10 08:08 - 2014-06-10 08:01 - 00001943 _____ () C:\ProgramData\RUNDLL32.EXE-592-F.txt 2014-06-09 22:11 - 2014-06-09 22:06 - 00002348 _____ () C:\ProgramData\RUNDLL32.EXE-2120-F.txt 2014-06-09 22:03 - 2014-06-09 22:03 - 00000610 _____ () C:\ProgramData\RUNDLL32.EXE-2072-F.txt 2014-06-09 22:01 - 2014-06-09 22:01 - 00000365 _____ () C:\ProgramData\RUNDLL32.EXE-2116-F.txt 2014-06-09 21:55 - 2014-06-09 21:53 - 00001334 _____ () C:\ProgramData\RUNDLL32.EXE-280-F.txt 2014-06-09 21:46 - 2014-06-09 21:46 - 00000000 ____D () C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA 2014-06-09 21:37 - 2009-11-10 19:44 - 01472002 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-06-09 21:37 - 2009-07-14 09:47 - 00643866 _____ () C:\Windows\System32\perfh007.dat 2014-06-09 21:37 - 2009-07-14 09:47 - 00126394 _____ () C:\Windows\System32\perfc007.dat 2014-06-08 19:15 - 2013-07-21 20:37 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-05-23 20:22 - 2009-07-14 05:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-22 08:58 - 2014-05-22 08:57 - 00000000 ____D () C:\Users\Martina\AppData\Local\Microsoft Games 2014-05-21 22:57 - 2014-05-04 14:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-21 22:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\NDF 2014-05-12 19:34 - 2013-05-20 14:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-12 08:46 - 2013-05-20 15:29 - 00000000 ____D () C:\Users\Martina\AppData\Local\Mozilla Some content of TEMP: ==================== C:\Users\Martina\AppData\Local\Temp\jr6Q.dll C:\Users\Martina\AppData\Local\Temp\ose00000.exe ==================== Known DLLs (Whitelisted) ================ C:\Windows\SysWOW64\clbcatq.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\ole32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\advapi32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\COMDLG32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\gdi32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\IERTUTIL.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\IMAGEHLP.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\IMM32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\kernel32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\MSCTF.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\MSVCRT.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\NORMALIZ.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\NSI.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\OLEAUT32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\PSAPI.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\rpcrt4.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\sechost.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\Setupapi.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\SHELL32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\SHLWAPI.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\URLMON.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\user32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\USP10.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\WININET.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\WLDAP32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\WS2_32.dll IS MISSING <==== ATTENTION! C:\Windows\SysWOW64\DifxApi.dll IS MISSING <==== ATTENTION! ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe [2009-07-14 00:37] - [2009-07-14 02:14] - 0285696 ____A (Microsoft Corporation) 8EC6A4AB12B8F3759E21F8E3A388F2CF C:\Windows\System32\wininit.exe [2009-07-14 00:36] - [2009-07-14 02:14] - 0096256 ____A (Microsoft Corporation) B5C5DCAD3899512020D135600129D665 C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!. C:\Windows\explorer.exe [2009-11-10 19:48] - [2009-08-03 06:35] - 2613248 ____A (Microsoft Corporation) B95EEB0F4E5EFBF1038A35B3351CF047 C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\svchost.exe [2009-07-14 00:19] - [2009-07-14 02:14] - 0020992 ____A (Microsoft Corporation) 54A47F6B5E09A77E61649109C6A08866 C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\services.exe [2009-07-14 00:11] - [2009-07-14 02:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 C:\Windows\System32\User32.dll [2009-07-14 00:24] - [2009-07-14 02:16] - 0811520 ____A (Microsoft Corporation) 34B7E222E81FAFA885F0C5F2CFA56861 C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION!. C:\Windows\System32\userinit.exe [2009-07-14 00:34] - [2009-07-14 02:14] - 0026112 ____A (Microsoft Corporation) 6DE80F60D7DE9CE6B8C2DDFDF79EF175 C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\rpcss.dll [2009-07-14 00:45] - [2009-07-14 02:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\Windows\System32\Drivers\volsnap.sys [2009-07-14 00:11] - [2009-07-14 02:19] - 0245328 ____A (Microsoft Corporation) 58DF9D2481A56EDDE167E51B334D44FD ==================== Restore Points ========================= Restore point made on: 2013-10-02 17:23:28 Restore point made on: 2013-12-01 20:14:15 Restore point made on: 2014-01-20 13:01:19 Restore point made on: 2014-02-10 16:41:56 Restore point made on: 2014-02-26 18:52:33 ==================== Memory info =========================== Percentage of memory in use: 24% Total physical RAM: 2046.43 MB Available physical RAM: 1540.77 MB Total Pagefile: 2046.43 MB Available Pagefile: 1538.47 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.52 GB) (Free:43 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (GRMCPRXVOL_DE_DVD) (CDROM) (Total:2.86 GB) (Free:0 GB) UDF Drive e: () (Removable) (Total:0.94 GB) (Free:0.9 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 83E265E5) Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 961 MB) (Disk ID: 49E2A461) Partition 1: (Active) - (Size=960 MB) - (Type=07 NTFS) LastRegBack: 2014-05-30 21:24 ==================== End Of Log ============================ Es wäre sehr nett, wenn mir jemand helfen könnte. Gruß LarsDon |
11.06.2014, 17:36 | #2 |
/// TB-Ausbilder | Windows 7: BKA Trojaner - Sperrbildschirm - abges. Modus startet nicht Hi,
__________________startet der Rechner wieder normal nach diesem Fix? Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Startup: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.lnk ShortcutTarget: explorer.lnk -> C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp () S2 Winmgmt; C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp [168821 2014-06-09] () 2014-06-09 21:46 - 2014-06-09 21:46 - 00000000 ____D () C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________ |
11.06.2014, 18:00 | #3 |
| Windows 7: BKA Trojaner - Sperrbildschirm - abges. Modus startet nicht Hallo aharonov,
__________________danke, dass du dich meiner annimmst!!! Juhu, der Laptop startet jetzt ganz normal. Es kommt kein BKA Trojaner mehr Hier der Inhalt der Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2014 01 Ran by SYSTEM at 2014-06-11 18:56:55 Run:1 Running from E:\ Boot Mode: Recovery ============================================== Content of fixlist: ***************** Startup: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.lnk ShortcutTarget: explorer.lnk -> C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp () S2 Winmgmt; C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp [168821 2014-06-09] () 2014-06-09 21:46 - 2014-06-09 21:46 - 00000000 ____D () C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA ***************** C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.lnk => Moved successfully. C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA\gkz8rffo.cpp => Moved successfully. Winmgmt => Service restored successfully. C:\ProgramData\CAF74D6A386B4A4C2F0D0974B41974CA => Moved successfully. ==== End of Fixlog ==== |
11.06.2014, 20:28 | #4 |
/// TB-Ausbilder | Windows 7: BKA Trojaner - Sperrbildschirm - abges. Modus startet nicht Prima. Dann weiter im normalen Modus: Verschiebe die frst.exe vom USB-Stick auf den Desktop.
__________________ cheers, Leo |
Themen zu Windows 7: BKA Trojaner - Sperrbildschirm - abges. Modus startet nicht |
adobe, adware, cdrom, check, dll, download, dvd, explorer, fontcache, free, google, laptop, link, microsoft, office, opera, realtek, registry, rundll, scan, system, system32, trojaner, userinit, usp10.dll, windows, winlogon |