| |
| |||||||
Log-Analyse und Auswertung: GVU Trojaner erhaltenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
22.08.2012, 22:17
| #1 |
| /// Helfer-Team  |  GVU Trojaner erhalten Sehr gut!  Lasse die Funde loeschen, dann: Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
|
01.09.2012, 11:44
| #2 |
 | GVU Trojaner erhalten Gut, habe ich gemacht,
__________________hier das Ergebnis: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=cfec486d22d9b04d88162ea0d4dc20dc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-31 12:08:49
# local_time=2012-08-31 02:08:49 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=1792 16777191 100 0 4124515 4124515 0 0
# compatibility_mode=8192 67108863 100 0 489 489 0 0
# scanned=75284
# found=16
# cleaned=16
# scan_time=4684
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.23.10\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.23.10\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\Uniblue\RegistryBooster\rb_ubm.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Programme\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072389.dll a variant of Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072390.exe probably a variant of Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072392.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072393.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072394.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072395.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072396.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{36592031-A863-415E-A65A-3988E16D8A6C}\RP531\A0072397.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
Polzi |
|
| Themen zu GVU Trojaner erhalten |
| adobe, antivirus, avira, babylon toolbar, babylontoolbar, bho, browser, einstellungen, explorer, firefox, flash player, format, google earth, gvu 2.07, heuristiks/extra, heuristiks/shuriken, home, homepage, intranet, kaspersky, locker, logfile, object, opera, plug-in, realtek, registry, scan, searchscopes, software, stick, taskleiste, temp, trojaner, wbemess.dll |
Hybrid-Darstellung
