Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
GVÜ- Trojaner Windows 7 32 bit

GVÜ- Trojaner Windows 7 32 bit


Log-Analyse und Auswertung: GVÜ- Trojaner Windows 7 32 bit

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 20.08.2013, 08:01   #1
terryly
 
GVÜ- Trojaner Windows 7 32 bit - Standard

GVÜ- Trojaner Windows 7 32 bit


Hallo allerseits, ich brauche bitte mal Eure Hilfe;

Mein Vater hat sich gestern diese "Seuche" auf seinem Laptop eingefangen und es erscheint die bekannte Seite.

Ich habe die Anleitungen schon befolgt und poste Euch mal die Logfiles:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2013 03
Ran by SYSTEM on 20-08-2013 08:48:29
Running from D:\
Windows 7 Ultimate (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7739936 2010-01-15] (Realtek Semiconductor)
HKLM\...\Run: [Apple_KbdMgr] - C:\Program Files\Boot Camp\Bootcamp.exe [526208 2011-08-15] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13826664 2010-01-05] (NVIDIA Corporation)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [630784 2012-09-13] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe
HKU\Pippo\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2011-06-04] (Acresso Corporation)
HKU\Pippo\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Pippo\AppData\Local\Temp\hujodpntdskxyscvc.exe [ 2013-08-17] (Valve Corporation) <===== ATTENTION
HKU\Pippo\...\RunOnce: [Shockwave Updater] - C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.1;_de;_rv:1.9.2.6)_Gecko/20100625_Firefox/3.6.6" -"hxxp://cc.porsche.com/icc_euro/ui/pva/application/bpModules/interior_3D.jsp?pluginsInstalled=true&RT=1280141163462" [x]
HKU\Pippo\...\Winlogon: [Shell] cmd.exe [ 2010-11-20] (Microsoft Corporation) <==== ATTENTION 
HKU\Pippo\...\Command Processor: "C:\Users\Pippo\AppData\Local\Temp\hujodpntdskxyscvc.exe" <===== ATTENTION!
Startup: C:\Users\Pippo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) =================

S2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [194432 2011-08-15] ()
S2 AppleTimeSrv; C:\Windows\system32\AppleTimeSrv.exe [99640 2010-01-16] (Apple Inc.)
S2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [296808 2011-06-04] (Nuance Communications, Inc.)
S2 NIS; C:\Program Files\Norton Internet Security\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

S0 AppleHFS; C:\Windows\System32\Drivers\AppleHFS.sys [58200 2011-08-15] (Apple Inc.)
S0 AppleMNT; C:\Windows\System32\Drivers\AppleMNT.sys [15320 2011-08-15] (Apple Inc.)
S3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [10880 2011-01-31] (Apple Inc.)
S3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [29824 2011-01-31] (Apple Inc.)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-05-20] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-02-28] (Symantec Corporation)
S1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-20] (Symantec Corporation)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130813.001\IDSvix86.sys [386720 2013-08-09] (Symantec Corporation)
S3 IRRemoteFlt; C:\Windows\System32\DRIVERS\IRFilter.sys [16512 2009-07-22] (Apple Inc.)
S2 KeyAgent; C:\Windows\system32\drivers\KeyAgent.sys [15064 2011-08-15] (Apple Inc.)
S3 KeyMagic; C:\Windows\System32\DRIVERS\KeyMagic.sys [26624 2011-06-02] (Apple Inc.)
S2 MacHALDriver; C:\Windows\system32\drivers\MacHALDriver.sys [12928 2010-11-11] (Apple Inc.)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130819.017\NAVENG.SYS [93272 2013-08-17] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130819.017\NAVEX15.SYS [1611992 2013-08-17] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-08-12] (Symantec Corporation)
S1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [36512 2013-03-04] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NIS\1404000.028\SYMNETS.SYS [339544 2013-04-24] (Symantec Corporation)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 UacCtl2; system32\DRIVERS\uacctl2.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-17 11:28 - 2013-08-20 07:27 - 00001232 _____ C:\Windows\setupact.log
2013-08-17 11:28 - 2013-08-17 11:28 - 00408960 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-17 11:28 - 2013-08-17 11:28 - 00000000 _____ C:\Windows\setuperr.log
2013-08-17 10:29 - 2013-08-17 11:29 - 01084835 _____ C:\ProgramData\2433f433
2013-08-17 10:29 - 2013-08-17 11:29 - 01084811 _____ C:\Users\Pippo\AppData\Roaming\2433f433
2013-08-17 10:29 - 2013-08-17 11:29 - 01084807 _____ C:\Users\Pippo\AppData\Local\2433f433
2013-08-14 15:31 - 2013-08-14 15:32 - 00000000 ____D C:\Windows\System32\MRT
2013-08-14 15:27 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-14 15:27 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-14 15:27 - 2013-07-26 04:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-14 15:27 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-14 15:27 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-14 15:27 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-14 15:27 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-14 15:27 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-14 15:27 - 2013-07-26 02:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-14 15:26 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-14 12:53 - 2013-08-14 12:53 - 00001761 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-14 12:51 - 2013-08-14 12:52 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-14 12:51 - 2013-08-14 12:52 - 00000000 ____D C:\Program Files\iTunes
2013-08-14 12:51 - 2013-08-14 12:51 - 00000000 ____D C:\Program Files\iPod
2013-08-14 12:43 - 2013-08-14 12:43 - 00001823 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-08-14 12:43 - 2013-08-14 12:43 - 00000000 ____D C:\Program Files\QuickTime
2013-08-14 06:20 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-14 06:20 - 2013-07-09 06:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-14 06:20 - 2013-07-09 06:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-14 06:20 - 2013-07-09 05:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-14 06:20 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 06:20 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 06:20 - 2013-07-09 05:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 06:20 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 06:20 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-14 06:20 - 2013-07-06 06:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 06:19 - 2013-07-19 02:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-14 06:19 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-13 09:59 - 2013-04-17 08:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-08-13 06:08 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-08-13 02:49 - 2013-08-13 02:49 - 00000000 __SHD C:\found.000
2013-08-13 02:04 - 2013-08-13 02:04 - 01441280 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-08-13 02:04 - 2013-08-13 02:04 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-08-13 02:04 - 2013-08-13 02:04 - 00745472 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00719360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00629248 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00361984 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-08-13 02:04 - 2013-08-13 02:04 - 00357888 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00242200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00226816 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00150528 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00138752 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00137216 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00117248 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00110592 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00079872 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00073728 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-08-13 02:04 - 2013-08-13 02:04 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00023040 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-08-13 02:03 - 2013-08-13 02:03 - 03419136 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 02284544 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 01158144 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 01080832 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00906240 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00604160 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00364544 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00220160 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00187392 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00161792 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-12 14:25 - 2013-08-12 14:25 - 04429440 _____ (Piriform Ltd) C:\Users\Pippo\Downloads\ccsetup404.exe
2013-08-12 13:54 - 2013-03-04 19:14 - 00036512 ____R (Symantec Corporation) C:\Windows\System32\Drivers\SymIMV.sys
2013-08-12 12:56 - 2013-06-05 04:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-08-12 12:56 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-08-12 12:56 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-08-12 12:56 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-08-12 12:56 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-08-12 12:56 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-08-12 12:56 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-08-12 12:56 - 2013-04-12 14:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-08-12 12:56 - 2013-04-10 06:18 - 00728424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-08-12 12:56 - 2013-04-10 06:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-08-12 12:56 - 2013-03-19 05:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-08-12 12:56 - 2013-03-19 05:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-08-12 12:56 - 2013-03-19 04:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-08-12 12:56 - 2013-03-19 03:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-08-12 12:56 - 2013-01-24 05:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-08-12 12:48 - 2013-02-27 06:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-08-12 12:48 - 2013-02-27 05:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-08-12 12:48 - 2013-02-27 05:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-08-12 12:48 - 2013-02-27 05:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-08-12 12:48 - 2013-02-27 05:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-08-12 12:44 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-08-12 12:44 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys

==================== One Month Modified Files and Folders =======

2013-08-20 07:35 - 2009-07-14 05:34 - 00015344 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 07:35 - 2009-07-14 05:34 - 00015344 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 07:32 - 2009-10-15 11:20 - 01507106 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-20 07:31 - 2013-02-23 11:00 - 01093981 _____ C:\Windows\WindowsUpdate.log
2013-08-20 07:27 - 2013-08-17 11:28 - 00001232 _____ C:\Windows\setupact.log
2013-08-18 12:34 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-08-17 11:29 - 2013-08-17 10:29 - 01084835 _____ C:\ProgramData\2433f433
2013-08-17 11:29 - 2013-08-17 10:29 - 01084811 _____ C:\Users\Pippo\AppData\Roaming\2433f433
2013-08-17 11:29 - 2013-08-17 10:29 - 01084807 _____ C:\Users\Pippo\AppData\Local\2433f433
2013-08-17 11:28 - 2013-08-17 11:28 - 00408960 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-17 11:28 - 2013-08-17 11:28 - 00000000 _____ C:\Windows\setuperr.log
2013-08-17 08:14 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-17 08:01 - 2010-07-01 07:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-17 08:00 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2013-08-15 12:34 - 2009-10-15 10:06 - 00000000 ____D C:\Windows\Panther
2013-08-15 07:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-08-15 06:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-08-14 15:32 - 2013-08-14 15:31 - 00000000 ____D C:\Windows\System32\MRT
2013-08-14 15:31 - 2009-10-15 11:37 - 75778376 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-08-14 12:53 - 2013-08-14 12:53 - 00001761 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-14 12:52 - 2013-08-14 12:51 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-14 12:52 - 2013-08-14 12:51 - 00000000 ____D C:\Program Files\iTunes
2013-08-14 12:51 - 2013-08-14 12:51 - 00000000 ____D C:\Program Files\iPod
2013-08-14 12:51 - 2009-10-30 07:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-08-14 12:43 - 2013-08-14 12:43 - 00001823 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-08-14 12:43 - 2013-08-14 12:43 - 00000000 ____D C:\Program Files\QuickTime
2013-08-13 02:51 - 2011-02-28 10:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-13 02:49 - 2013-08-13 02:49 - 00000000 __SHD C:\found.000
2013-08-13 02:45 - 2009-07-14 09:56 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-13 02:45 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\zh-TW
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\zh-HK
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\zh-CN
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\tr-TR
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\sv-SE
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\ru-RU
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\pt-PT
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\pt-BR
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\pl-PL
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\nl-NL
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\nb-NO
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\ko-KR
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\ja-JP
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\it-IT
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\hu-HU
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\fr-FR
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\fi-FI
2013-08-13 02:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\el-GR
2013-08-13 02:04 - 2013-08-13 02:04 - 01441280 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-08-13 02:04 - 2013-08-13 02:04 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-08-13 02:04 - 2013-08-13 02:04 - 00745472 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00719360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00629248 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00361984 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-08-13 02:04 - 2013-08-13 02:04 - 00357888 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00242200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00226816 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00150528 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00138752 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00137216 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00117248 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00110592 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00079872 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00073728 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-08-13 02:04 - 2013-08-13 02:04 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00023040 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-08-13 02:04 - 2013-08-13 02:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-08-13 02:04 - 2013-08-13 02:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-08-13 02:03 - 2013-08-13 02:03 - 03419136 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 02284544 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 01158144 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 01080832 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00906240 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00604160 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00364544 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00220160 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00187392 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00161792 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-13 02:03 - 2013-08-13 02:03 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-12 14:25 - 2013-08-12 14:25 - 04429440 _____ (Piriform Ltd) C:\Users\Pippo\Downloads\ccsetup404.exe
2013-08-12 13:56 - 2009-10-15 12:14 - 00000000 ____D C:\ProgramData\Norton
2013-08-12 13:55 - 2011-01-13 16:45 - 00000000 ____D C:\Windows\System32\Drivers\NIS
2013-08-12 13:53 - 2011-01-13 16:45 - 00002431 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-08-12 13:32 - 2011-01-13 16:45 - 00142496 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT.SYS
2013-08-12 13:32 - 2011-01-13 16:45 - 00007611 _____ C:\Windows\System32\Drivers\SYMEVENT.CAT
2013-08-12 13:28 - 2012-05-22 15:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-12 13:28 - 2012-05-22 15:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-12 13:13 - 2012-09-05 15:49 - 00000000 ____D C:\ProgramData\Browser Manager
2013-08-12 12:57 - 2010-10-19 13:03 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-07-26 04:13 - 2013-08-14 15:27 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-26 04:13 - 2013-08-14 15:27 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-26 04:13 - 2013-08-14 15:27 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-26 04:12 - 2013-08-14 15:27 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-26 04:12 - 2013-08-14 15:27 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-26 04:12 - 2013-08-14 15:26 - 14329344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-26 04:11 - 2013-08-14 15:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-26 04:11 - 2013-08-14 15:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-26 03:49 - 2013-08-14 15:27 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-26 02:59 - 2013-08-14 15:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-25 09:57 - 2013-08-14 06:20 - 01620992 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL

Files to move or delete:
====================
C:\Users\Pippo\AppData\Local\Temp\hujodpntdskxyscvc.exe
C:\ProgramData\2665813.pad
C:\ProgramData\nvModes.dat

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-08-17 12:01:51

==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 4076.36 MB
Available physical RAM: 3586.43 MB
Total Pagefile: 4074.64 MB
Available Pagefile: 3586.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1930.94 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:101.11 GB) (Free:65.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (USB DISK) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 4523A045)

Partition: GPT Partition TypePartition 2: (Not Active) - (Size=85 GB) - (Type=AF)
Partition 3: (Active) - (Size=101 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)


LastRegBack: 2013-08-12 16:52

==================== End Of Log ============================

 

Themen zu GVÜ- Trojaner Windows 7 32 bit
32 bit, adobe, association, browser, ccsetup, crypt, desktop, explorer, explorer.exe, farbar, farbar recovery scan tool, logfiles, microsoft, norton internet security, nvidia, realtek, registry, scan, security, services.exe, svchost.exe, symantec, system, system32, temp, trojaner, windows, windows 7 32 bit, windows xp, winlogon, winlogon.exe


« "Ihavenet"-Virenbefall bei Windows XP | avast beim aufstarten infiziert von win32:malware-gen »


Ähnliche Themen: GVÜ- Trojaner Windows 7 32 bit


  1. Windows 7 SP 1 mit Trojaner infiziert - Windows Update Fehlercode 8007002
    Log-Analyse und Auswertung - 11.09.2015 (60)
  2. Windows 7: Trojaner - Windows Updates, Firewall defekt
    Log-Analyse und Auswertung - 20.03.2015 (24)
  3. Windows 7: Nach BKA Trojaner Fehlermeldung beim Starten, Windows Sicherheitscenter kann nicht gestartet werden
    Log-Analyse und Auswertung - 18.11.2014 (9)
  4. Windows-Verschlüsselungs-Trojaner unter Windows 7 auf einem MAC
    Log-Analyse und Auswertung - 14.06.2012 (3)
  5. windows verschlüsselungs Flirtfever-Trojaner, Windows XP
    Log-Analyse und Auswertung - 13.06.2012 (1)
  6. Nach BKA Trojaner, Windows Firewall deaktiviert sich (Windows XP)
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  7. Willkomen bei Windows Update, Sie haben sich mit einen Windows-Verschlüsselungs Trojaner infiziert.
    Log-Analyse und Auswertung - 06.06.2012 (1)
  8. UKash Windows Secure Trojaner mit Windows XP eingefangen
    Plagegeister aller Art und deren Bekämpfung - 05.06.2012 (1)
  9. Windows Notfall Sicherheits Update Center - Windows XP Trojaner
    Log-Analyse und Auswertung - 21.05.2012 (2)
  10. Windows-Verschlüsselungs-Trojaner unter Windows XP
    Log-Analyse und Auswertung - 16.05.2012 (9)
  11. Windows 7 (64bit) Virus/Trojaner (evtl. Windows Verschlüsselungs Trojaner)
    Plagegeister aller Art und deren Bekämpfung - 07.05.2012 (19)
  12. Windows-Verschlüsselungs Trojaner Windows 7 Starter
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (10)
  13. Infiziert mit Windows-Verschlüsselungs Trojaner -Mail mit Telefonrechnung - windows vista
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (12)
  14. "Willkommen bei Windows Update Sie haben sich mit einen Windows-Verschlüsselungs Trojaner infiziert.
    Log-Analyse und Auswertung - 27.04.2012 (3)
  15. 'Windows Security Center' Trojaner - Windows-Benutzer gesperrt !
    Log-Analyse und Auswertung - 16.03.2012 (5)
  16. Windows Vista Home Premium 32-Bit Trojaner Windows gesperrt 50€ zahlen.
    Log-Analyse und Auswertung - 23.01.2012 (1)
  17. Trojaner Fake.AV c:\Users\Sexgott\AppData\Roaming\microsoft\Windows\start menu\Programs\windows reco
    Mülltonne - 28.04.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema GVÜ- Trojaner Windows 7 32 bit - Hallo allerseits, ich brauche bitte mal Eure Hilfe; Mein Vater hat sich gestern diese "Seuche" auf seinem Laptop eingefangen und es erscheint die bekannte Seite. Ich habe die Anleitungen schon - GVÜ- Trojaner Windows 7 32 bit...
Archiv
Du betrachtest: GVÜ- Trojaner Windows 7 32 bit auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131