Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows restore / Daten wiederherstellbar?

Windows restore / Daten wiederherstellbar?


Plagegeister aller Art und deren Bekämpfung: Windows restore / Daten wiederherstellbar?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.04.2011, 11:35   #1
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows restore / Daten wiederherstellbar? - Standard

Windows restore / Daten wiederherstellbar?


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
[2011.04.14 09:23:18 | 000,000,254 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011.04.14 08:16:08 | 000,118,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\1228.sys
[2011.04.14 08:15:07 | 000,000,829 | -H-- | C] () -- C:\Dokumente und Einstellungen\EuFH\Desktop\Windows Fix Disk.lnk
[2011.04.14 08:15:07 | 000,000,128 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18734900r
[2011.04.14 08:15:07 | 000,000,096 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18734900
[2011.04.14 08:15:02 | 000,118,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\7895.sys
[2011.04.14 08:15:01 | 000,000,336 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18734900
[2011.04.12 18:58:24 | 000,008,947 | -H-- | C] () -- C:\Dokumente und Einstellungen\EuFH\Desktop\Prüfungsanmeldung.pdf
[2011.04.10 19:57:59 | 000,000,136 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18407220r
[2011.04.10 19:57:58 | 000,000,104 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18407220
[2011.04.10 19:57:37 | 000,000,336 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18407220
[2011.04.10 18:47:47 | 000,000,136 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19717940r
[2011.04.10 18:47:45 | 000,000,104 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19717940
[2011.04.10 18:47:31 | 000,000,328 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\19717940
[2011.04.14 08:15:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\EuFH\Startmenü\Programme\Windows Fix Disk
[2011.04.13 17:52:25 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\EuFH\Desktop\Windows_restore
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.24 08:33:12 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\Shell\AutoRun\command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\Shell\Explore\Command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\Shell\open\command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\Shell\AutoRun\command - "" = F:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\Shell\Explore\Command - "" = F:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\Shell\open\command - "" = F:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\Shell - "" = AutoRun
O33 - MountPoints2\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\Shell\AutoRun\command - "" = G:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\Shell\Explore\Command - "" = G:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\Shell\open\command - "" = G:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{3e4ad503-eb00-11de-bb28-001c2390cc69}\Shell\AutoRun\command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{3e4ad503-eb00-11de-bb28-001c2390cc69}\Shell\Explore\Command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{3e4ad503-eb00-11de-bb28-001c2390cc69}\Shell\open\command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\Shell\AutoRun\command - "" = F:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\Shell\Explore\Command - "" = F:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\Shell\open\command - "" = F:\cold\hott\sysdiag64.exe
O33 - MountPoints2\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\Shell\AutoRun\command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\Shell\Explore\Command - "" = cold\hott\sysdiag64.exe
O33 - MountPoints2\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\Shell\open\command - "" = cold\hott\sysdiag64.exe
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "Proxy"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "Proxy"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "Proxy"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "Proxy"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "Proxy"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 4
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.04.2011, 12:16   #2
Guda
 
Windows restore / Daten wiederherstellbar? - Standard

Windows restore / Daten wiederherstellbar?


All processes killed
========== OTL ==========
C:\WINDOWS\tasks\RegistryBooster.job moved successfully.
C:\WINDOWS\system32\drivers\1228.sys moved successfully.
C:\Dokumente und Einstellungen\EuFH\Desktop\Windows Fix Disk.lnk moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18734900r moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18734900 moved successfully.
C:\WINDOWS\system32\drivers\7895.sys moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18734900 moved successfully.
C:\Dokumente und Einstellungen\EuFH\Desktop\Prüfungsanmeldung.pdf moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18407220r moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18407220 moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18407220 moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19717940r moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19717940 moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\19717940 moved successfully.
C:\Dokumente und Einstellungen\EuFH\Startmenü\Programme\Windows Fix Disk folder moved successfully.
C:\Dokumente und Einstellungen\EuFH\Desktop\Windows_restore folder moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01a1b78b-f9de-11de-bb40-001a6b7a9d4e}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\ not found.
File F:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\ not found.
File F:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1cbf077a-fc4d-11de-bb45-001a6b7a9d4e}\ not found.
File F:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad4f6-eb00-11de-bb28-001a6b7a9d4e}\ not found.
File F:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\ not found.
File G:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\ not found.
File G:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad4f7-eb00-11de-bb28-001a6b7a9d4e}\ not found.
File G:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad503-eb00-11de-bb28-001c2390cc69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad503-eb00-11de-bb28-001c2390cc69}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad503-eb00-11de-bb28-001c2390cc69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad503-eb00-11de-bb28-001c2390cc69}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4ad503-eb00-11de-bb28-001c2390cc69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4ad503-eb00-11de-bb28-001c2390cc69}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\ not found.
File F:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\ not found.
File F:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65b10c4e-ebb3-11de-bb2a-001a6b7a9d4e}\ not found.
File F:\cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db85db26-c52e-11de-bad9-001a6b7a9d4e}\ not found.
File cold\hott\sysdiag64.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
Prefs.js: "" removed from network.proxy.backup.ftp
Prefs.js: 0 removed from network.proxy.backup.ftp_port
Prefs.js: "" removed from network.proxy.backup.gopher
Prefs.js: 0 removed from network.proxy.backup.gopher_port
Prefs.js: "" removed from network.proxy.backup.socks
Prefs.js: 0 removed from network.proxy.backup.socks_port
Prefs.js: "" removed from network.proxy.backup.ssl
Prefs.js: 0 removed from network.proxy.backup.ssl_port
Prefs.js: "Proxy" removed from network.proxy.ftp
Prefs.js: 3128 removed from network.proxy.ftp_port
Prefs.js: "Proxy" removed from network.proxy.gopher
Prefs.js: 3128 removed from network.proxy.gopher_port
Prefs.js: "Proxy" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "Proxy" removed from network.proxy.socks
Prefs.js: 3128 removed from network.proxy.socks_port
Prefs.js: "Proxy" removed from network.proxy.ssl
Prefs.js: 3128 removed from network.proxy.ssl_port
Prefs.js: 4 removed from network.proxy.type
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Programme\ICQ6Toolbar\ICQ Service.exe moved successfully.
Service MDM stopped successfully!
Service MDM deleted successfully!
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 236753864 bytes
->Temporary Internet Files folder emptied: 373253334 bytes
->Java cache emptied: 4962819 bytes
->FireFox cache emptied: 15974042 bytes
->Flash cache emptied: 2010282 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: EuFH
->Temp folder emptied: 834321815 bytes
->Temporary Internet Files folder emptied: 943398861 bytes
->Java cache emptied: 9142589 bytes
->FireFox cache emptied: 89776218 bytes
->Flash cache emptied: 2948699 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 14472095 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1908702 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2147662 bytes
%systemroot%\System32 .tmp files removed: 429459 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2278254 bytes
RecycleBin emptied: 29638893 bytes

Total Files Cleaned = 2.445,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04142011_125650

Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\EuFH\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\Q7K36T81\1729516519@Top1,TopRight,Right,Middle1,Right1,Right2,Right3,Right4,Right5,Right6,Bottom,Middle,Middle2,Middle3,Position1,Po sition2,Position3,x01,x02,x03,x04,x05,x70,Bottom1[1] not found!
File\Folder C:\Dokumente und Einstellungen\EuFH\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\C7M5610J\1149521306@Top1,TopRight,Right,Middle1,Right1,Right2,Right3,Right4,Right5,Right6,Bottom,Middle,Middle2,Middle3,Position1,Po sition2,Position3,x01,x02,x03,x04,x05,x70,Bottom1[1] not found!
File\Folder C:\Dokumente und Einstellungen\EuFH\Lokale Einstellungen\Temp\~DF805A.tmp not found!
File\Folder C:\Dokumente und Einstellungen\EuFH\Lokale Einstellungen\Temp\~DFD68.tmp not found!
C:\Dokumente und Einstellungen\EuFH\Lokale Einstellungen\Temporary Internet Files\Content.IE5\IQKCRG71\97421-windows-restore-daten-wiederherstellbar-2[1].html moved successfully.

Registry entries deleted on Reboot...
__________________
Antwort

Themen zu Windows restore / Daten wiederherstellbar?
board, data, data recovery, dateien, daten, eingefangen, entfernen, folge, folgendes, gen, hallo zusammen, malware, nicht mehr, problem, programme, recovery, restore, smart, software, trojaner, trojaner board, trojaner eingefangen, verloren, verschwunden, versucht, windows, zusammen


« Windowssicherheitscenter deaktiviert sich | Trojaner TR/Kazy.mekml.1 »


Ähnliche Themen: Windows restore / Daten wiederherstellbar?


  1. Daten von Millionen zurückgesetzten Android-Smartphones wiederherstellbar
    Nachrichten - 22.05.2015 (0)
  2. [Schadprogramm] Windows Restore beseitigt und t.w. noch Probleme
    Plagegeister aller Art und deren Bekämpfung - 29.06.2011 (50)
  3. Windows 7 Restore, Google Redirect.
    Plagegeister aller Art und deren Bekämpfung - 11.06.2011 (2)
  4. Trojaner Windows Restore
    Log-Analyse und Auswertung - 26.05.2011 (4)
  5. Internet Explorer Skriptfehler nach Windows Restore
    Log-Analyse und Auswertung - 20.05.2011 (26)
  6. TR/kazy.mekml.1 und Windows Restore: ist es wirklich weg?
    Log-Analyse und Auswertung - 14.05.2011 (10)
  7. Windows konnte alle Daten fur die Datei \\System32\\496A8300 nicht speichern. Daten verloren.
    Log-Analyse und Auswertung - 22.04.2011 (10)
  8. Windows Restore
    Log-Analyse und Auswertung - 20.04.2011 (21)
  9. Ebenfalls Windows Restore Befall
    Plagegeister aller Art und deren Bekämpfung - 19.04.2011 (13)
  10. windows restore
    Alles rund um Windows - 14.04.2011 (12)
  11. Windows Restore
    Log-Analyse und Auswertung - 14.04.2011 (1)
  12. Windows Restore, Internetbrowser funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 14.04.2011 (3)
  13. Windows Restore auf dem Notebook
    Plagegeister aller Art und deren Bekämpfung - 13.04.2011 (7)
  14. Windows restore
    Plagegeister aller Art und deren Bekämpfung - 13.04.2011 (4)
  15. Probleme mit Windows Restore - Schnellstartleiste wiederherstellen.
    Log-Analyse und Auswertung - 13.04.2011 (1)
  16. Windows Restore entfernen
    Anleitungen, FAQs & Links - 05.04.2011 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows restore / Daten wiederherstellbar? - Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert - Windows restore / Daten wiederherstellbar?...
Archiv
Du betrachtest: Windows restore / Daten wiederherstellbar? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131