
Log analysis and evaluation: The GVU Trojan, too

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
03.10.2012, 15:04   #7
mc_fly
 



Sooo... the PC boots up again, and I also found the log:

Code:
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\Angelika_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "hxxp://google.de" removed from browser.startup.homepage
Prefs.js: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.3 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
E:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File E:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
E:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_USERS\Angelika_ON_E\Software\Microsoft\Windows\CurrentVersion\Run\\gqptoicagqparbc deleted successfully.
E:\Windows\gqptoica.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
E:\autoexec.bat moved successfully.
X:\AUTORUN.INF moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
E:\ProgramData\gqptoica.exe moved successfully.
E:\ProgramData\Temp\{64EF903E-D00A-414C-94A4-FBA368FFCDC9} folder moved successfully.
E:\ProgramData\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D} folder moved successfully.
E:\ProgramData\Temp folder moved successfully.
File\Folder E:\Users\Angelika\*.tmp not found.
E:\Users\Angelika\AppData\Local\{3FC21171-5791-4A23-9457-C69E74E011BE} folder moved successfully.
E:\Users\Angelika\AppData\Local\{4DE84F27-A69A-425D-B8DA-CF884BA51D28} folder moved successfully.
E:\Users\Angelika\AppData\Local\{BEE09430-43DB-4D17-99CB-E5574B8AC05E} folder moved successfully.
E:\Users\Angelika\AppData\Local\Temp\derm32.exe moved successfully.
E:\Users\Angelika\AppData\Local\Temp\jre-7u3-windows-i586-iftw.exe moved successfully.
E:\Users\Angelika\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe moved successfully.
E:\Users\Angelika\AppData\Local\Temp\lj1018-HB-pd-win32-enp.exe moved successfully.
E:\Users\Angelika\AppData\Local\Temp\LMkRstPt.exe moved successfully.
E:\Users\Angelika\AppData\Local\Temp\ose00000.exe moved successfully.
E:\Users\Angelika\AppData\Local\Temp\pdf24-creator-update.exe moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
E:\Users\Angelika\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Angelika
->Temp folder emptied: 144714613 bytes
->Temporary Internet Files folder emptied: 322509217 bytes
->FireFox cache emptied: 85242455 bytes
->Flash cache emptied: 152333 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 127404002 bytes
 
Total Files Cleaned = 649.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 10042012_003756
         

 
