Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 03.05.2012, 06:15   #1
nofact
 
Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira) - Standard

Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira)



Hallo,

meine Freundin hat gestern von einer vermeintlich bekannten Person eine Datei per ICQ gesendet bekommen und diese natürlich geöffnet. Kurz danach kam Avira mit folgender Meldung:

Guard: Malware gefunden.

In der Datei 'C:/Users/Nicole/Documents/ICQ/23393890*/server.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Drop.Delf.gn' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern. (Wurde also erst einmal in die Quarantäne verschoben)

Code:
ATTFilter
.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 9.0.8112.16421
Run by Nicole at 22:10:44 on 2012-05-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.2009.777 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\system32\rundll32.exe
C:\windows\system32\mfevtps.exe
C:\windows\System32\IgrsSvcs.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\USB Camera2\VM332_STI.EXE
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Users\Nicole\AppData\Roaming\Spotify\spotify.exe
C:\Users\Nicole\AppData\Roaming\x.com
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\windows\system32\conhost.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\windows\system32\conhost.exe
C:\Users\Nicole\AppData\Local\Temp\TeamViewer\Version7\TeamViewer.exe
C:\Users\Nicole\AppData\Local\Temp\TeamViewer\Version7\tv_w32.exe
c:\users\nicole\appdata\local\temp\teamviewer\version7\TeamViewer_Desktop.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Nicole\Downloads\Defogger.exe
C:\windows\system32\conhost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101201063809.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [Spotify] "c:\users\nicole\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart
uRun: [{9BCA71D0-842B-DC0A-E02D-29ADBC54F113}] c:\users\nicole\appdata\roaming\x.com
uRun: [ntuser1] c:\users\nicole\appdata\roaming\x.com
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mRun: [332BigDog] c:\program files\usb camera2\VM332_STI.EXE
mRun: [VeriFaceManager] c:\program files\lenovo\veriface\PManage.exe
mRun: [UpdateP2GShortCut] "c:\program files\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0"
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [EPSON Stylus D68 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Plugin Install] c:\program files\quicktime\plugins\DeleteMe1.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRunOnce: [WLStart] "c:\program files\windows live\installer\wlstart.exe" /nosearch /nohomepage
StartupFolder: c:\users\nicole\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: An OneNote s&enden - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\icq7.4\ICQ.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0E552FB9-EE3D-4E1D-868D-E6554C9CB1D7} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0E552FB9-EE3D-4E1D-868D-E6554C9CB1D7}\14C6963656D275C414E42394 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0E552FB9-EE3D-4E1D-868D-E6554C9CB1D7}\473747164776D687E25657 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{0E552FB9-EE3D-4E1D-868D-E6554C9CB1D7}\75F686E657E6760233 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0E552FB9-EE3D-4E1D-868D-E6554C9CB1D7}\D45696E637 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FC839D3E-2938-4E0C-83B4-B800C191E1B6} : DhcpNameServer = 10.111.81.129 10.129.32.1
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\nicole\appdata\roaming\mozilla\firefox\profiles\9ckhszup.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\users\nicole\appdata\roaming\mozilla\firefox\profiles\9ckhszup.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\nicole\appdata\roaming\mozilla\firefox\profiles\9ckhszup.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-12-1 386840]
R1 funfrm;funfrm;c:\windows\system32\drivers\funfrm.sys [2010-9-8 54800]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-12-1 64304]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-12-1 164840]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-11-29 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-29 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-11-29 66616]
R2 IGRS;IGRS;c:\program files\lenovo\readycomm\common\IGRS.exe [2009-7-14 38152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-5-1 203280]
R2 McMPFSvc;McAfee Personal Firewall-Dienst;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-1 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-1 271480]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-1 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-12-1 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-12-1 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-12-1 141792]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-1-20 23136]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-12-1 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-12-1 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-12-1 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-12-1 313288]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 vm332avs;Lenovo Camera2;c:\windows\system32\drivers\vm332avs.sys [2010-9-8 198000]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
R3 wdmirror;wdmirror;c:\windows\system32\drivers\WDMirror.sys [2010-9-8 11792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 253088]
S3 b57nd60x;Broadcom NetXtreme-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 Bridge0;Bridge0;c:\windows\system32\drivers\wdbridge.sys [2010-9-8 63240]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-14 229888]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\lenovo\readycomm\AppSvc.exe [2010-9-8 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\lenovo\readycomm\ConnSvc.exe [2010-9-8 579400]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-12-1 84264]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\wat\WatAdminSvc.exe [2011-2-28 1343400]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-21 81704]
.
=============== Created Last 30 ================
.
2012-05-02 20:06:30	--------	d-----w-	c:\users\nicole\appdata\roaming\TeamViewer
2012-05-01 20:32:51	64322	----a-w-	c:\users\nicole\appdata\roaming\x.com
2012-04-12 17:14:47	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-11 19:58:02	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-04-11 19:58:01	141112	----a-w-	c:\program files\internet explorer\sqmapi.dll
2012-04-11 19:58:00	194048	----a-w-	c:\program files\internet explorer\IEShims.dll
2012-04-11 19:58:00	1799168	----a-w-	c:\windows\system32\jscript9.dll
2012-04-11 19:58:00	1127424	----a-w-	c:\windows\system32\wininet.dll
2012-04-11 19:57:59	678912	----a-w-	c:\program files\internet explorer\iedvtool.dll
2012-04-11 19:57:58	1427456	----a-w-	c:\windows\system32\inetcpl.cpl
2012-04-11 19:53:26	5120	----a-w-	c:\windows\system32\wmi.dll
2012-04-11 19:53:26	19824	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-04-11 19:53:26	172544	----a-w-	c:\windows\system32\wintrust.dll
2012-04-11 19:53:26	159232	----a-w-	c:\windows\system32\imagehlp.dll
2012-04-11 19:51:14	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-04-11 19:51:13	3913072	----a-w-	c:\windows\system32\ntoskrnl.exe
.
==================== Find3M  ====================
.
2012-04-15 08:47:21	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-17 05:34:22	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-02-17 04:14:08	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13:22	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-02-15 10:01:50	4547944	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-02-15 10:01:50	43520	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2012-02-10 05:38:43	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-02-03 03:54:27	2343424	----a-w-	c:\windows\system32\win32k.sys
.
============= FINISH: 22:13:50,27 ===============
         
Code:
ATTFilter
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 29.11.2010 21:33:23
System Uptime: 02.05.2012 21:23:55 (1 hours ago)
.
Motherboard: LENOVO |  | NITU1
Processor: Pentium(R) Dual-Core CPU       T4500  @ 2.30GHz | U2E1 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 253 GiB total, 182,159 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 23,677 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP133: 31.03.2012 20:50:21 - Geplanter Pr¸fpunkt
RP134: 11.04.2012 18:30:48 - Geplanter Pr¸fpunkt
RP135: 11.04.2012 21:50:51 - Windows Update
RP136: 18.04.2012 22:31:42 - Geplanter Pr¸fpunkt
RP137: 27.04.2012 23:22:07 - Geplanter Pr¸fpunkt
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader X (10.1.1) - Deutsch
Adobe Stock Photos 1.0
ALPS Touch Pad Driver
Amazon MP3-Downloader 1.0.9
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Bonjour
Broadcom 802.11 Wireless Driver
Compatibility Pack for the 2007 Office system
Conexant HD Audio
EasyBits GO
EasyCapture
Electronic Arts Product Registration
Energy Management
Harry Potter II
iCloud
ICQ7.4
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
IntelÆ Matrix Storage Manager
iTunes
Junk Mail filter update
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
McAfee AntiVirus Plus
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2003 German User Interface Pack
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
Mozilla Firefox 11.0 (x86 de)
Mozilla Thunderbird 9.0.1 (x86 de)
MSVCRT
PDFCreator
PhotoScape
Power2Go
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Skype Click to Call
Skypeô 5.5
Spotify
Theme Park TM Manager
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VeriFace
Windows Live-Uploadtool
Windows Live Anmelde-Assistent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Sync
Windows Live Writer
.
==== End Of File ===========================
         

Vielen Dank für Ihre Hilfe.

Freundlichen Gruß

 

Themen zu Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira)
32 bit, acrobat update, antivir, antivir guard, avira, bonjour, browser, desktop, error, excel, firefox, flash player, home, lenovo, malware, mcafee firewall, mozilla, programm, realtek, siteadvisor, software, svchost.exe, system, trojan, trojaner, usb, usb 2.0, virus, vista, vista 32 bit, windows, windows 7 home




Ähnliche Themen: Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira)


  1. GVU Trojaner-Problem!(Exploit.Drop.GS;Exploit.drop.GSA;trojan.ransom.SUGen;--->Malwarebytes-Funde)
    Plagegeister aller Art und deren Bekämpfung - 02.03.2013 (6)
  2. Exploit.Drop.GS / Trojan.Delf / Trojan.Ransom.Gen
    Log-Analyse und Auswertung - 11.01.2013 (7)
  3. Infektion mit GVU Trojaner;Trjan.0Accsess,Ransom.Gen,Delf,Dropper.BCMiner,Drop.Gs
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (3)
  4. Auf meinem PC: PUM.Disabled.SecurityCenter, Exploit.Drop.GS, Trojan.Delf, Trojan.Ransom.Gen
    Plagegeister aller Art und deren Bekämpfung - 02.10.2012 (29)
  5. TR/Drop.Delf.cip; TR/Drop.Delf.cio; BkCln.Unknown
    Plagegeister aller Art und deren Bekämpfung - 17.01.2009 (13)
  6. trojaner TR/Drop.Delf.czz kann jemand logfile auswerten
    Log-Analyse und Auswertung - 03.01.2008 (7)
  7. Trojaner Dropper Delf.0.1 und TR/Drop AgentAHR.2
    Log-Analyse und Auswertung - 10.12.2007 (9)
  8. TR/Drop.Delf.AHG.2 HELP!
    Plagegeister aller Art und deren Bekämpfung - 31.10.2007 (0)
  9. HILFE Trojaner Drop.Delf.FD.1
    Log-Analyse und Auswertung - 22.08.2007 (6)
  10. Trojaner: drop.delf.MQ
    Plagegeister aller Art und deren Bekämpfung - 14.09.2005 (15)
  11. TR/Drop.Delf.KY.2
    Log-Analyse und Auswertung - 18.07.2005 (33)
  12. Habe den Trojaner TR/Drop.Delf.FD.1
    Plagegeister aller Art und deren Bekämpfung - 10.04.2005 (15)
  13. TR/Drop.Delf.DJ.3
    Log-Analyse und Auswertung - 14.11.2004 (8)
  14. TR/drop.delf.dj.4 usw...
    Log-Analyse und Auswertung - 11.10.2004 (11)
  15. TR/Drop.Delf.DJ.3
    Plagegeister aller Art und deren Bekämpfung - 07.10.2004 (4)
  16. Tr/drop.delf.dj3
    Plagegeister aller Art und deren Bekämpfung - 23.09.2004 (3)
  17. Bitte um Hilfe:Trojaner Drop.Delf.Dj.3
    Log-Analyse und Auswertung - 11.08.2004 (2)

Zum Thema Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira) - Hallo, meine Freundin hat gestern von einer vermeintlich bekannten Person eine Datei per ICQ gesendet bekommen und diese natürlich geöffnet. Kurz danach kam Avira mit folgender Meldung: Guard: Malware gefunden. - Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira)...
Archiv
Du betrachtest: Trojaner via ICQ erhalten // TR/Drop.Delf.gn [Trojan] (laut Avira) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.