After three months, I'm finally back...
And unfortunately not with good news: since today is the first day of the month, I ran Malwarebytes again and discovered that my PC is apparently home to a few Trojans.
When I saw that, I immediately checked the firewall and saw that I apparently have the same problem as last time.
That means that when I try to turn on my firewall, the error code "0x80070424" appears. After that I also ran a scan with ESET, and here are the logs:
First, the one from Malwarebytes:
Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.11.01.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Max :: GLEIßBERG-PC [Administrator]
01.11.2012 15:34:27
mbam-log-2012-11-01 (15-34-27).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 914631
Laufzeit: 3 Stunde(n), 11 Minute(n), 17 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 9
C:\Users\Max.Gleißberg-PC\AppData\Local\Temp\Rar$EX01.574\Mx.skype.recorder.4.2.0.key.generator.by.TSRh.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Max.Gleißberg-PC\Downloads\etypesetup.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Max.Gleißberg-PC\Downloads\VLCMediaPlayerSetup.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\000000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\08042012_140016\C_Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000000.@ (Rootkit.0Access.64) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\08042012_140016\C_Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000064.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\08122012_002506\C_Users\Max.Gleißberg-PC\AppData\Local\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000000.@ (Rootkit.0Access.64) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\08122012_002506\C_Windows\assembly\GAC_64\Desktop.ini (Rootkit.0access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
And here is the one from ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=002657dfdd6c9d49beb2c3c1f62f9eba
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-31 01:06:12
# local_time=2012-07-31 03:06:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 55264935 55264935 0 0
# compatibility_mode=5893 16776574 66 94 35277660 95305363 0 0
# compatibility_mode=8192 67108863 100 0 460 460 0 0
# scanned=861371
# found=43
# cleaned=0
# scan_time=21259
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\PDFCreator\message.exe a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\aso3sys.dll probably a variant of Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\ASOHelper.dll a variant of Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe a variant of Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\SendLogs.exe Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\bg\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\cs\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\DA\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\DTCH\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\el\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\ENG\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\ES\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\fi\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\FR\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\GRMN\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\hu\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\in\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\ITLY\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\JA\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\no\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\pt\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\ro\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\sv\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\th\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Reviversoft\Registry Reviver\ZH\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Max.Gleißberg-PC\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015d HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\Max.Gleißberg-PC\AppData\Local\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\000000cb.@ Win64/Conedex.B trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Max.Gleißberg-PC\AppData\Local\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000032.@ a variant of Win32/Sirefef.FD trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Max.Gleißberg-PC\AppData\Roaming\OpenCandy\OpenCandy_83F6C16F4B7241F5B5B897533DACD919\RegistryReviverSetup-ppi_.exe Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\00000008.@ Win64/Agent.BA trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\000000cb.@ Win64/Conedex.B trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000032.@ a variant of Win32/Sirefef.FD trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader17614(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader17614.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader47285.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader48960.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
${Memory} multiple threats 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=002657dfdd6c9d49beb2c3c1f62f9eba
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-19 08:28:51
# local_time=2012-08-19 10:28:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 129579 96977916 0 0
# compatibility_mode=8192 67108863 100 0 1673013 1673013 0 0
# scanned=707564
# found=35
# cleaned=0
# scan_time=16864
C:\Program Files (x86)\PDFCreator\message.exe a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir Win64/Patched.B.Gen trojan (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\aso3sys.dll probably a variant of Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ASOHelper.dll a variant of Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe a variant of Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\SendLogs.exe Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\bg\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\cs\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\DA\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\DTCH\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\el\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ENG\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ES\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\fi\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\FR\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\GRMN\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\hu\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\in\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ITLY\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\JA\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\no\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\pt\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ro\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\sv\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\th\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ZH\regclean.ini Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Users\Max.Gleißberg-PC\AppData\Roaming\OpenCandy\OpenCandy_83F6C16F4B7241F5B5B897533DACD919\RegistryReviverSetup-ppi_.exe Win32/RegistryReviver application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000000.@ Win64/Sirefef.AP trojan (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader17614(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader17614.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader47285.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader48960.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08122012_002506\C_Users\Max.Gleißberg-PC\AppData\Local\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000000.@ Win64/Sirefef.AP trojan (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08122012_002506\C_Windows\assembly\GAC_64\Desktop.ini Win64/Sirefef.AD trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=002657dfdd6c9d49beb2c3c1f62f9eba
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-01 10:25:42
# local_time=2012-11-01 11:25:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 113962 103423689 0 0
# compatibility_mode=8192 67108863 100 0 8118786 8118786 0 0
# scanned=535215
# found=43
# cleaned=0
# scan_time=14903
C:\Program Files (x86)\PDFCreator\message.exe Variante von Win32/InstallCore.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir Win64/Patched.B.Gen Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Users\Max.Gleißberg-PC\AppData\Local\Temp\biclient.exe Variante von Win32/Somoto.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\00000004.@ Win64/Conedex.C Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\00000008.@ Win64/Agent.BA Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\000000cb.@ Win64/Conedex.B Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000000.@ Win64/Sirefef.AW Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000032.@ möglicherweise Variante von Win32/Sirefef.FD Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000064.@ Variante von Win64/Sirefef.AN Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\aso3sys.dll möglicherweise Variante von Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ASOHelper.dll Variante von Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe Variante von Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\SendLogs.exe Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\bg\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\cs\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\DA\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\DTCH\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\el\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ENG\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ES\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\fi\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\FR\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\GRMN\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\hu\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\in\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ITLY\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\JA\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\no\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\pt\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ro\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\sv\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\th\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\Reviversoft\Registry Reviver\ZH\regclean.ini Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll Variante von Win32/Toolbar.SearchSuite Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Users\Max.Gleißberg-PC\AppData\Roaming\OpenCandy\OpenCandy_83F6C16F4B7241F5B5B897533DACD919\RegistryReviverSetup-ppi_.exe Win32/RegistryReviver Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows\Installer\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\00000004.@ Win64/Conedex.C Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader17614(2).exe Variante von Win32/SoftonicDownloader.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader17614.exe Variante von Win32/SoftonicDownloader.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader47285.exe Variante von Win32/SoftonicDownloader.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08042012_140016\C_Windows.old\Users\Max Gleißberg\Downloads\SoftonicDownloader48960.exe Variante von Win32/SoftonicDownloader.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08122012_002506\C_Users\Max.Gleißberg-PC\AppData\Local\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\00000004.@ Win64/Conedex.C Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\08122012_002506\C_Users\Max.Gleißberg-PC\AppData\Local\{f133ba2a-ae86-ceed-75cd-206ecaa4a271}\U\80000064.@ Win64/Sirefef.AN Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
${Memory} Variante von Win32/Sirefef.EZ Trojaner 00000000000000000000000000000000 I
I hope you will help me as energetically as you did last time.