Windows 7 lock screen, presumably a GVU trojan. I have already run a scan with FRST. What do I do next??
Here is the logfile. Sorry if I am expressing myself unclearly, but I am not a PC expert.
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by SYSTEM on MININT-6JFIC2U on 02-11-2013 16:03:31
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-09] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-08-26] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1409424 2011-06-29] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-30] (Apple Inc.)
HKU\Default\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-15] (TOSHIBA)
HKU\Default User\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-15] (TOSHIBA)
HKU\TH2\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-15] (TOSHIBA)
HKU\TH2\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-26] (Google Inc.)
HKU\TH2\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\TH2\...\Run: [360Amigo] - C:\Program Files\360Amigo\360Amigo.exe [5156128 2012-08-10] (360Amigo)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\TH2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4odt7tmqlf.lnk
ShortcutTarget: 4odt7tmqlf.lnk -> C:\PROGRA~3\flqmt7tdo4.dss (Корпорация Майкрософт)
Startup: C:\Users\TH2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Services (Whitelisted) =================
S2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [655928 2013-09-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [622648 2013-09-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)
S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.)
S2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2012-06-06] ()
S2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [103736 2012-06-06] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-09] (Toshiba Europe GmbH)
S2 Winmgmt; C:\PROGRA~3\4odt7tmqlf.pss [61024 2013-11-02] (Microsoft Corporation)
S2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-01-13] ()
==================== Drivers (Whitelisted) ====================
S3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2013-07-29] (Avira GmbH)
S1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2013-07-29] (Avira GmbH)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-07-29] (Avira Operations GmbH & Co. KG)
S3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
S3 cmntnet; C:\Windows\System32\DRIVERS\cmntnet.sys [141824 2012-11-05] (Wireless Data Device)
S3 cmnuusbser; C:\Windows\System32\DRIVERS\cmnuusbser.sys [123904 2012-11-05] (Wireless Device)
S3 Tosrfcom; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-02 15:47 - 2013-11-02 15:47 - 00000000 ____D C:\FRST
2013-11-02 04:39 - 2013-11-02 04:42 - 00000297 _____ C:\ProgramData\4odt7tmqlf.reg
2013-11-02 04:39 - 2013-11-02 04:39 - 01595904 ____T C:\ProgramData\4odt7tmqlf.fdd
2013-11-02 04:33 - 2013-11-02 05:22 - 00000000 _____ C:\ProgramData\4odt7tmqlf.fvv
2013-11-02 04:33 - 2013-11-02 04:33 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\4odt7tmqlf.pss
2013-11-02 04:32 - 2013-11-02 05:22 - 95025368 ____T C:\ProgramData\4odt7tmqlf.bxx
2013-11-02 04:32 - 2013-11-02 04:32 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\flqmt7tdo4.dss
2013-11-02 03:05 - 2013-11-02 03:05 - 104569497 _____ C:\Windows\SysWOW64\龍�C
2013-10-31 22:40 - 2013-09-04 04:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-10-31 22:40 - 2013-09-04 04:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-10-31 22:40 - 2013-09-04 04:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-10-31 22:40 - 2013-09-04 04:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-10-31 22:40 - 2013-09-04 04:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-10-31 22:40 - 2013-09-04 04:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-10-31 22:40 - 2013-09-04 04:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-10-26 22:13 - 2013-10-26 22:13 - 00000000 ____D C:\Users\TH2\AppData\Roaming\Mozilla
2013-10-21 00:15 - 2013-10-21 00:15 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-21 00:14 - 2013-10-21 00:15 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-21 00:14 - 2013-10-21 00:15 - 00000000 ____D C:\Program Files\iTunes
2013-10-21 00:14 - 2013-10-21 00:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-21 00:14 - 2013-10-21 00:14 - 00000000 ____D C:\Program Files\iPod
2013-10-14 07:56 - 2013-09-22 15:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-14 07:56 - 2013-09-22 15:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-14 07:56 - 2013-09-22 15:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-14 07:56 - 2013-09-22 14:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-10-14 07:56 - 2013-09-22 14:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-10-14 07:56 - 2013-09-22 14:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-10-14 07:56 - 2013-09-22 14:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-10-14 07:56 - 2013-09-22 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-10-14 07:56 - 2013-09-20 19:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-10-14 07:56 - 2013-09-20 19:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-14 07:56 - 2013-09-20 18:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-14 07:56 - 2013-09-20 18:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-14 07:22 - 2013-10-14 07:30 - 00000000 ____D C:\Users\TH2\AppData\Roaming\vlc
2013-10-14 07:21 - 2013-10-14 07:21 - 00001073 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-14 07:20 - 2013-10-14 07:20 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-14 07:18 - 2013-10-14 07:19 - 25132744 _____ C:\Users\TH2\Downloads\vlc-2.1.0-win32.exe
2013-10-13 23:49 - 2013-10-13 23:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec8b1f7ebf1eb.job
2013-10-13 23:47 - 2013-09-13 17:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-10-13 23:47 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-10-13 23:47 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-10-13 23:47 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-13 23:47 - 2013-08-28 18:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-10-13 23:47 - 2013-08-27 17:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-10-13 23:47 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-10-13 23:47 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2013-10-13 23:47 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-10-13 23:47 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-10-13 23:47 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-10-13 23:47 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-13 23:47 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-13 23:47 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-13 23:47 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-10-13 23:47 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-10-13 23:47 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2013-10-13 23:47 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-10-13 23:47 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-10-13 23:47 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-10-13 23:47 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-10-13 23:47 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-10-13 23:47 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-13 23:47 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-13 23:47 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-13 23:47 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-10-13 23:47 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-13 23:47 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-13 23:46 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-10-13 23:46 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2013-10-13 23:46 - 2013-08-28 18:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-10-13 23:46 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2013-10-13 23:46 - 2013-08-28 17:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-13 23:46 - 2013-08-28 17:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-13 23:46 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-13 23:46 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-13 23:46 - 2013-08-28 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-13 23:46 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-13 23:46 - 2013-08-28 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-13 23:46 - 2013-08-28 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-13 23:46 - 2013-08-28 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-13 23:46 - 2013-08-28 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-13 23:46 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2013-10-13 23:46 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-10-13 23:46 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 23:46 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
==================== One Month Modified Files and Folders =======
2013-11-02 15:47 - 2013-11-02 15:47 - 00000000 ____D C:\FRST
2013-11-02 05:38 - 2011-11-25 14:32 - 01698423 _____ C:\Windows\WindowsUpdate.log
2013-11-02 05:30 - 2009-07-13 20:45 - 00024912 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-02 05:30 - 2009-07-13 20:45 - 00024912 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-02 05:22 - 2013-11-02 04:33 - 00000000 _____ C:\ProgramData\4odt7tmqlf.fvv
2013-11-02 05:22 - 2013-11-02 04:32 - 95025368 ____T C:\ProgramData\4odt7tmqlf.bxx
2013-11-02 05:21 - 2009-07-13 20:51 - 00066332 _____ C:\Windows\setupact.log
2013-11-02 04:51 - 2011-02-11 00:21 - 00654400 _____ C:\Windows\System32\perfh007.dat
2013-11-02 04:51 - 2011-02-11 00:21 - 00130240 _____ C:\Windows\System32\perfc007.dat
2013-11-02 04:51 - 2009-07-13 21:13 - 01498742 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-02 04:42 - 2013-11-02 04:39 - 00000297 _____ C:\ProgramData\4odt7tmqlf.reg
2013-11-02 04:39 - 2013-11-02 04:39 - 01595904 ____T C:\ProgramData\4odt7tmqlf.fdd
2013-11-02 04:33 - 2013-11-02 04:33 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\4odt7tmqlf.pss
2013-11-02 04:32 - 2013-11-02 04:32 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\flqmt7tdo4.dss
2013-11-02 03:05 - 2013-11-02 03:05 - 104569497 _____ C:\Windows\SysWOW64\龍�C
2013-10-26 22:13 - 2013-10-26 22:13 - 00000000 ____D C:\Users\TH2\AppData\Roaming\Mozilla
2013-10-21 00:15 - 2013-10-21 00:15 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-21 00:15 - 2013-10-21 00:14 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-21 00:15 - 2013-10-21 00:14 - 00000000 ____D C:\Program Files\iTunes
2013-10-21 00:15 - 2013-10-21 00:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-21 00:14 - 2013-10-21 00:14 - 00000000 ____D C:\Program Files\iPod
2013-10-19 00:56 - 2012-04-26 04:47 - 00000000 ____D C:\Einkommensteuer
2013-10-18 23:49 - 2013-09-28 11:46 - 00106123 _____ C:\Users\TH2\ESt2012_Hertle_Torsten.elfo
2013-10-18 01:04 - 2012-04-25 04:30 - 00000000 ____D C:\BW Dateien
2013-10-15 07:06 - 2012-04-24 09:18 - 00000000 ____D C:\Users\TH2\AppData\Local\Google
2013-10-14 22:00 - 2009-07-13 20:45 - 00437048 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-14 21:57 - 2010-11-20 19:47 - 00226768 _____ C:\Windows\PFRO.log
2013-10-14 07:55 - 2013-03-13 04:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-14 07:55 - 2013-03-13 04:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-14 07:52 - 2013-07-28 02:25 - 00000000 ____D C:\Windows\System32\MRT
2013-10-14 07:50 - 2012-04-30 10:15 - 80541720 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-14 07:45 - 2012-06-03 03:08 - 00000000 ____D C:\Users\TH2\AppData\Roaming\Skype
2013-10-14 07:30 - 2013-10-14 07:22 - 00000000 ____D C:\Users\TH2\AppData\Roaming\vlc
2013-10-14 07:21 - 2013-10-14 07:21 - 00001073 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-14 07:20 - 2013-10-14 07:20 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-14 07:19 - 2013-10-14 07:18 - 25132744 _____ C:\Users\TH2\Downloads\vlc-2.1.0-win32.exe
2013-10-14 07:15 - 2013-02-05 09:51 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-10-13 23:49 - 2013-10-13 23:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec8b1f7ebf1eb.job
Files to move or delete:
====================
C:\ProgramData\4odt7tmqlf.reg
C:\ProgramData\flqmt7tdo4.dss
Some content of TEMP:
====================
C:\Users\TH2\AppData\Local\Temp\-m5vpuvf.dll
C:\Users\TH2\AppData\Local\Temp\-vkj23gi.dll
C:\Users\TH2\AppData\Local\Temp\0itsp5wm.dll
C:\Users\TH2\AppData\Local\Temp\0q3imghf.dll
C:\Users\TH2\AppData\Local\Temp\12ipae_h.dll
C:\Users\TH2\AppData\Local\Temp\3ismcqhp.dll
C:\Users\TH2\AppData\Local\Temp\3zbhuovz.dll
C:\Users\TH2\AppData\Local\Temp\44d_vjbx.dll
C:\Users\TH2\AppData\Local\Temp\5cvu_opg.dll
C:\Users\TH2\AppData\Local\Temp\7v9g1j-c.dll
C:\Users\TH2\AppData\Local\Temp\84ejk4jr.dll
C:\Users\TH2\AppData\Local\Temp\8s54xojq.dll
C:\Users\TH2\AppData\Local\Temp\a2sfukmu.dll
C:\Users\TH2\AppData\Local\Temp\abvjijzw.dll
C:\Users\TH2\AppData\Local\Temp\ahxzocqf.dll
C:\Users\TH2\AppData\Local\Temp\AskSLib.dll
C:\Users\TH2\AppData\Local\Temp\b1shat1e.dll
C:\Users\TH2\AppData\Local\Temp\bf5e8dpf.dll
C:\Users\TH2\AppData\Local\Temp\bfctk2ru.dll
C:\Users\TH2\AppData\Local\Temp\biciolo6.dll
C:\Users\TH2\AppData\Local\Temp\brufya7b.dll
C:\Users\TH2\AppData\Local\Temp\c-vv3bko.dll
C:\Users\TH2\AppData\Local\Temp\cemfgjcn.dll
C:\Users\TH2\AppData\Local\Temp\dzwrha9f.dll
C:\Users\TH2\AppData\Local\Temp\e1cxzhme.dll
C:\Users\TH2\AppData\Local\Temp\elkn4fjj.dll
C:\Users\TH2\AppData\Local\Temp\et9zgzyf.dll
C:\Users\TH2\AppData\Local\Temp\FileSystemView.dll
C:\Users\TH2\AppData\Local\Temp\gb0yoegd.dll
C:\Users\TH2\AppData\Local\Temp\h-1377227279.tmp.dll
C:\Users\TH2\AppData\Local\Temp\h4ymrflf.dll
C:\Users\TH2\AppData\Local\Temp\i9z-svyj.dll
C:\Users\TH2\AppData\Local\Temp\igmlndoq.dll
C:\Users\TH2\AppData\Local\Temp\immje1yf.dll
C:\Users\TH2\AppData\Local\Temp\itrqr2ao.dll
C:\Users\TH2\AppData\Local\Temp\j-hm86q3.dll
C:\Users\TH2\AppData\Local\Temp\khr7zk8k.dll
C:\Users\TH2\AppData\Local\Temp\ldsqis6f.dll
C:\Users\TH2\AppData\Local\Temp\lemi4kao.dll
C:\Users\TH2\AppData\Local\Temp\libnspr4.dll
C:\Users\TH2\AppData\Local\Temp\mfc80.dll
C:\Users\TH2\AppData\Local\Temp\mfc80u.dll
C:\Users\TH2\AppData\Local\Temp\mfcm80.dll
C:\Users\TH2\AppData\Local\Temp\mfcm80u.dll
C:\Users\TH2\AppData\Local\Temp\msvcm80.dll
C:\Users\TH2\AppData\Local\Temp\msvcp80.dll
C:\Users\TH2\AppData\Local\Temp\msvcr80.dll
C:\Users\TH2\AppData\Local\Temp\mykzo4ep.dll
C:\Users\TH2\AppData\Local\Temp\nqxgeohn.dll
C:\Users\TH2\AppData\Local\Temp\nwoagnsd.dll
C:\Users\TH2\AppData\Local\Temp\nxxhipuj.dll
C:\Users\TH2\AppData\Local\Temp\OfficeSetup.exe
C:\Users\TH2\AppData\Local\Temp\ov0utjtt.dll
C:\Users\TH2\AppData\Local\Temp\p-hkkn36.dll
C:\Users\TH2\AppData\Local\Temp\plczzxmi.dll
C:\Users\TH2\AppData\Local\Temp\plf9psh8.dll
C:\Users\TH2\AppData\Local\Temp\pqbzl4gv.dll
C:\Users\TH2\AppData\Local\Temp\ronm3wno.dll
C:\Users\TH2\AppData\Local\Temp\s9bw8vg0.dll
C:\Users\TH2\AppData\Local\Temp\setup.exe
C:\Users\TH2\AppData\Local\Temp\t3xcslrb.dll
C:\Users\TH2\AppData\Local\Temp\t5uyg5rf.dll
C:\Users\TH2\AppData\Local\Temp\ucphtzwg.dll
C:\Users\TH2\AppData\Local\Temp\uedjhiqf.dll
C:\Users\TH2\AppData\Local\Temp\Uninstaller.exe
C:\Users\TH2\AppData\Local\Temp\UninstallerGer.dll
C:\Users\TH2\AppData\Local\Temp\UninstallerIta.dll
C:\Users\TH2\AppData\Local\Temp\v7cujy8i.dll
C:\Users\TH2\AppData\Local\Temp\vjaobo0c.dll
C:\Users\TH2\AppData\Local\Temp\vlnv2dl5.dll
C:\Users\TH2\AppData\Local\Temp\w5mk5cms.dll
C:\Users\TH2\AppData\Local\Temp\w7mhkixg.dll
C:\Users\TH2\AppData\Local\Temp\wato9key.dll
C:\Users\TH2\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\TH2\AppData\Local\Temp\xk44_doc.dll
C:\Users\TH2\AppData\Local\Temp\xy8xnyp9.dll
C:\Users\TH2\AppData\Local\Temp\ydyy2ont.dll
C:\Users\TH2\AppData\Local\Temp\yhq7ut9g.dll
C:\Users\TH2\AppData\Local\Temp\yyfu2xbd.dll
C:\Users\TH2\AppData\Local\Temp\zjdy-dor.dll
C:\Users\TH2\AppData\Local\Temp\_hkvo8hb.dll
C:\Users\TH2\AppData\Local\Temp\_t48xrlz.dll
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
9
Restore point made on: 2013-07-24 06:58:53
Restore point made on: 2013-07-28 02:25:04
Restore point made on: 2013-07-29 07:23:34
Restore point made on: 2013-07-29 07:37:37
Restore point made on: 2013-07-29 08:23:35
Restore point made on: 2013-08-15 07:26:09
Restore point made on: 2013-09-16 08:45:53
Restore point made on: 2013-10-14 07:48:06
Restore point made on: 2013-11-02 01:08:15
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 6121.76 MB
Available physical RAM: 5387.49 MB
Total Pagefile: 6119.96 MB
Available Pagefile: 5385.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:137.91 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:210.99 GB) NTFS
Drive e: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (COD4MW) (CDROM) (Total:6.35 GB) (Free:0 GB) UDF
Drive h: (CORSAIR) (Removable) (Total:14.92 GB) (Free:0.19 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8A71E1AC)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
LastRegBack: 2013-07-24 07:33
==================== End Of Log ============================