Hello!
I worked my way through the Internet, ran FRST.exe on Windows 7 and got the following file - can anyone help me???
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-06-2013 (ATTENTION: FRST version is 80 days old)
Ran by SYSTEM on 23-08-2013 10:11:24
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [171520 2009-08-25] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [581480 2009-05-12] (Symantec Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NPSStartup] [x]
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM-x32\...\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [x]
HKLM-x32\...\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [x]
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
HKU\Sunny\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1668664 2009-07-15] (Hewlett-Packard)
HKU\Sunny\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\Sunny\...\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe" [75576 2009-07-13] (Hewlett-Packard)
HKU\Sunny\...\Run: [] [x]
HKU\Sunny\...\Run: [Torntv Downloader] C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe /c=startup [x]
HKU\Sunny\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] C:\Users\Sunny\AppData\Local\Temp\wlqqhxwywtjapwctp.exe [50688 2013-08-22] (Valve Corporation)
HKU\Sunny\...\Policies\system: [WallpaperStyle] 2
HKU\Sunny\...\Policies\system: [DisableLockWorkstation] 0
HKU\Sunny\...\Policies\system: [DisableChangePassword] 0
HKU\Sunny\...\Winlogon: [Shell] cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: [0 ] ()
==================== Services (Whitelisted) =================
S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]
==================== Drivers (Whitelisted) ====================
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-20] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-08-20] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130821.003\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130822.002\ENG64.SYS [126040 2013-08-15] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130822.002\EX64.SYS [2098776 2013-08-15] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
S1 ccSet_NIS; \SystemRoot\system32\drivers\NISx64\1404000.028\ccSetx64.sys [x]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [x]
S1 SRTSP; \SystemRoot\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [x]
S1 SRTSPX; \SystemRoot\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [x]
S0 SymDS; system32\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA; system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NISx64\1007020.00B\SYMFW.SYS [x]
S1 SymIRON; \SystemRoot\system32\drivers\NISx64\1404000.028\Ironx64.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NISx64\1007020.00B\SYMNDISV.SYS [x]
S1 SymNetS; \SystemRoot\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]
========================== Drivers MD5 =======================
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-23 10:11 - 2013-08-23 10:11 - 00000000 ____D C:\FRST
2013-08-22 13:54 - 2013-08-22 13:54 - 00000000 __SHD C:\found.000
2013-08-22 12:40 - 2013-08-22 12:40 - 01084804 ____A C:\Users\Sunny\AppData\Roaming\2433f433
2013-08-22 12:40 - 2013-08-22 12:40 - 01084797 ____A C:\ProgramData\2433f433
2013-08-22 12:40 - 2013-08-22 12:40 - 01084755 ____A C:\Users\Sunny\AppData\Local\2433f433
2013-08-22 12:39 - 2013-08-22 12:39 - 04099857 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part19.rar.part
2013-08-22 11:57 - 2013-08-22 12:33 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part18.rar
2013-08-22 10:44 - 2013-08-22 11:20 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part17.rar
2013-08-22 10:44 - 2013-08-22 11:04 - 63275662 ____A C:\Users\Sunny\Downloads\Stsch20.rar
2013-08-22 09:56 - 2013-08-22 10:33 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part16.rar
2013-08-22 09:04 - 2013-08-22 09:40 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part15.rar
2013-08-22 07:18 - 2013-08-22 07:49 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part14.rar
2013-08-22 07:17 - 2013-08-22 07:40 - 68680690 ____A C:\Users\Sunny\Downloads\Stsch19.rar
2013-08-21 21:53 - 2013-08-21 22:31 - 118422686 ____A C:\Users\Sunny\Downloads\Stsch16.rar
2013-08-21 21:53 - 2013-08-21 22:11 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part13.rar
2013-08-21 10:26 - 2013-08-21 10:26 - 00007984 ____A C:\Users\Sunny\Downloads\conni-h8wvsdm3w0gu.dlc
2013-08-20 09:03 - 2013-08-20 09:03 - 00017048 ____A C:\Users\Sunny\Downloads\Game_of_Thrones_S03_XviD-227a2nmeetlqq.dlc
2013-08-20 09:00 - 2013-08-20 09:00 - 00021720 ____A C:\Users\Sunny\Downloads\31c942ad308113177e42e9d3c41b423b.dlc
2013-08-17 05:20 - 2013-08-22 23:50 - 00001176 ____A C:\Windows\setupact.log
2013-08-17 05:20 - 2013-08-17 05:20 - 00000000 ____A C:\Windows\setuperr.log
2013-08-14 12:43 - 2013-07-25 21:13 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-14 12:43 - 2013-07-25 21:13 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-14 12:43 - 2013-07-25 21:13 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-14 12:43 - 2013-07-25 21:12 - 19239424 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 15405056 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-14 12:43 - 2013-07-25 21:12 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-14 12:43 - 2013-07-25 19:35 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-14 12:43 - 2013-07-25 19:13 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 12:43 - 2013-07-25 19:13 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 14329344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 02048512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 12:43 - 2013-07-25 19:12 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 12:43 - 2013-07-25 19:11 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 12:43 - 2013-07-25 19:11 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 12:43 - 2013-07-25 18:49 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 12:43 - 2013-07-25 18:39 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-14 12:43 - 2013-07-25 17:59 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 12:31 - 2013-08-14 12:36 - 00000000 ____D C:\Windows\System32\MRT
2013-08-14 10:24 - 2013-08-14 10:24 - 00013912 ____A C:\Users\Sunny\Downloads\bz-hberg-iijiodmm1o9a.dlc
2013-08-14 05:34 - 2013-07-25 01:25 - 01888768 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-14 05:34 - 2013-07-25 00:57 - 01620992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 05:34 - 2013-07-18 17:58 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-14 05:34 - 2013-07-18 17:41 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 05:34 - 2013-07-08 22:03 - 05550528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-14 05:34 - 2013-07-08 21:54 - 01732032 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-14 05:34 - 2013-07-08 21:53 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-08-14 05:34 - 2013-07-08 21:52 - 00224256 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 05:34 - 2013-07-08 21:51 - 01217024 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 05:34 - 2013-07-08 21:46 - 01472512 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 05:34 - 2013-07-08 21:46 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 05:34 - 2013-07-08 21:46 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-14 05:34 - 2013-07-08 21:03 - 03968960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 05:34 - 2013-07-08 21:03 - 03913664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 05:34 - 2013-07-08 20:53 - 01292192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 05:34 - 2013-07-08 20:52 - 00663552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 05:34 - 2013-07-08 20:52 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 05:34 - 2013-07-08 20:52 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 05:34 - 2013-07-08 20:46 - 01166848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 05:34 - 2013-07-08 20:46 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 05:34 - 2013-07-08 20:46 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 05:34 - 2013-07-08 18:49 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 05:34 - 2013-07-08 18:49 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 05:34 - 2013-07-08 18:49 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 05:34 - 2013-07-08 18:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 05:33 - 2013-07-05 22:03 - 01910208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 05:33 - 2013-06-14 20:32 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-09 02:55 - 2013-08-09 03:01 - 115929465 ____A C:\Users\Sunny\Downloads\05Ponyfee-Tiere.7z
2013-08-09 01:55 - 2013-08-09 02:01 - 116519273 ____A C:\Users\Sunny\Downloads\04Ponyfee-Feenstab.7z
2013-08-09 00:55 - 2013-08-09 01:00 - 104951625 ____A C:\Users\Sunny\Downloads\03Ponyfee-Perlensee.7z
2013-08-09 00:48 - 2013-08-09 00:54 - 104440265 ____A C:\Users\Sunny\Downloads\02Ponyfee-Prinz-Roseninsel.7z
2013-08-08 13:39 - 2013-08-08 13:45 - 108230409 ____A C:\Users\Sunny\Downloads\01Ponyfee-Geheimnis.7z
2013-08-07 10:30 - 2013-08-07 10:30 - 00007640 ____A C:\Users\Sunny\Downloads\ba092e43d14578e3571c44236c1c9c91.dlc
2013-08-06 23:07 - 2013-08-11 11:17 - 00005956 ____A C:\Users\Sunny\Downloads\k8325362cv6kmrl.dlc
2013-08-06 23:06 - 2013-08-06 23:06 - 00003908 ____A C:\Users\Sunny\Downloads\k8325362cv6kmrl-uploaded.net.dlc
2013-08-06 10:01 - 2013-08-06 10:01 - 00024664 ____A C:\Users\Sunny\Downloads\BIBI_Einzeln-d2znaelxiaof.dlc
2013-07-26 12:08 - 2013-07-26 12:08 - 00006488 ____A C:\Users\Sunny\Downloads\Stschw-h3u0ajmtszj.dlc
2013-07-26 12:03 - 2013-07-26 12:03 - 00000136 ____A C:\Users\Sunny\Downloads\uqh3jhlna7175a46.js
==================== One Month Modified Files and Folders =======
2013-08-23 10:11 - 2013-08-23 10:11 - 00000000 ____D C:\FRST
2013-08-22 23:51 - 2011-12-26 10:51 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-22 23:50 - 2013-08-17 05:20 - 00001176 ____A C:\Windows\setupact.log
2013-08-22 23:50 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-08-22 19:40 - 2012-12-18 12:29 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-22 19:38 - 2011-12-26 10:51 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-22 14:07 - 2009-07-13 20:45 - 00023024 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-22 14:07 - 2009-07-13 20:45 - 00023024 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-22 14:03 - 2009-10-02 15:25 - 01402435 ____A C:\Windows\WindowsUpdate.log
2013-08-22 13:54 - 2013-08-22 13:54 - 00000000 __SHD C:\found.000
2013-08-22 12:40 - 2013-08-22 12:40 - 01084804 ____A C:\Users\Sunny\AppData\Roaming\2433f433
2013-08-22 12:40 - 2013-08-22 12:40 - 01084797 ____A C:\ProgramData\2433f433
2013-08-22 12:40 - 2013-08-22 12:40 - 01084755 ____A C:\Users\Sunny\AppData\Local\2433f433
2013-08-22 12:39 - 2013-08-22 12:39 - 04099857 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part19.rar.part
2013-08-22 12:33 - 2013-08-22 11:57 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part18.rar
2013-08-22 11:20 - 2013-08-22 10:44 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part17.rar
2013-08-22 11:04 - 2013-08-22 10:44 - 63275662 ____A C:\Users\Sunny\Downloads\Stsch20.rar
2013-08-22 10:33 - 2013-08-22 09:56 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part16.rar
2013-08-22 09:40 - 2013-08-22 09:04 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part15.rar
2013-08-22 07:49 - 2013-08-22 07:18 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part14.rar
2013-08-22 07:40 - 2013-08-22 07:17 - 68680690 ____A C:\Users\Sunny\Downloads\Stsch19.rar
2013-08-21 22:31 - 2013-08-21 21:53 - 118422686 ____A C:\Users\Sunny\Downloads\Stsch16.rar
2013-08-21 22:11 - 2013-08-21 21:53 - 108003328 ____A C:\Users\Sunny\Downloads\G.o.T-S02-E01-E10.part13.rar
2013-08-21 10:26 - 2013-08-21 10:26 - 00007984 ____A C:\Users\Sunny\Downloads\conni-h8wvsdm3w0gu.dlc
2013-08-20 10:40 - 2012-12-18 12:29 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 10:40 - 2012-12-18 12:29 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 09:03 - 2013-08-20 09:03 - 00017048 ____A C:\Users\Sunny\Downloads\Game_of_Thrones_S03_XviD-227a2nmeetlqq.dlc
2013-08-20 09:00 - 2013-08-20 09:00 - 00021720 ____A C:\Users\Sunny\Downloads\31c942ad308113177e42e9d3c41b423b.dlc
2013-08-17 05:20 - 2013-08-17 05:20 - 00000000 ____A C:\Windows\setuperr.log
2013-08-16 13:37 - 2009-07-24 22:11 - 00000000 ____D C:\Windows\Panther
2013-08-16 05:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 23:30 - 2009-08-25 18:42 - 00657948 ____A C:\Windows\System32\perfh007.dat
2013-08-15 23:30 - 2009-08-25 18:42 - 00131288 ____A C:\Windows\System32\perfc007.dat
2013-08-15 23:30 - 2009-07-13 21:13 - 01507502 ____A C:\Windows\System32\PerfStringBackup.INI
2013-08-14 12:43 - 2009-08-25 10:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 12:36 - 2013-08-14 12:31 - 00000000 ____D C:\Windows\System32\MRT
2013-08-14 12:31 - 2010-01-03 04:45 - 78161360 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-08-14 10:24 - 2013-08-14 10:24 - 00013912 ____A C:\Users\Sunny\Downloads\bz-hberg-iijiodmm1o9a.dlc
2013-08-14 05:35 - 2010-03-04 10:57 - 00000000 ____D C:\Users\Sunny\AppData\Local\CrashDumps
2013-08-11 11:17 - 2013-08-06 23:07 - 00005956 ____A C:\Users\Sunny\Downloads\k8325362cv6kmrl.dlc
2013-08-09 03:01 - 2013-08-09 02:55 - 115929465 ____A C:\Users\Sunny\Downloads\05Ponyfee-Tiere.7z
2013-08-09 02:01 - 2013-08-09 01:55 - 116519273 ____A C:\Users\Sunny\Downloads\04Ponyfee-Feenstab.7z
2013-08-09 01:00 - 2013-08-09 00:55 - 104951625 ____A C:\Users\Sunny\Downloads\03Ponyfee-Perlensee.7z
2013-08-09 00:54 - 2013-08-09 00:48 - 104440265 ____A C:\Users\Sunny\Downloads\02Ponyfee-Prinz-Roseninsel.7z
2013-08-08 13:45 - 2013-08-08 13:39 - 108230409 ____A C:\Users\Sunny\Downloads\01Ponyfee-Geheimnis.7z
2013-08-07 10:30 - 2013-08-07 10:30 - 00007640 ____A C:\Users\Sunny\Downloads\ba092e43d14578e3571c44236c1c9c91.dlc
2013-08-06 23:06 - 2013-08-06 23:06 - 00003908 ____A C:\Users\Sunny\Downloads\k8325362cv6kmrl-uploaded.net.dlc
2013-08-06 11:17 - 2012-02-19 12:16 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-08-06 10:01 - 2013-08-06 10:01 - 00024664 ____A C:\Users\Sunny\Downloads\BIBI_Einzeln-d2znaelxiaof.dlc
2013-08-04 10:36 - 2013-07-10 10:17 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-08-02 22:41 - 2009-12-17 11:41 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-02 06:50 - 2009-07-13 21:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-26 12:08 - 2013-07-26 12:08 - 00006488 ____A C:\Users\Sunny\Downloads\Stschw-h3u0ajmtszj.dlc
2013-07-26 12:03 - 2013-07-26 12:03 - 00000136 ____A C:\Users\Sunny\Downloads\uqh3jhlna7175a46.js
2013-07-25 21:13 - 2013-08-14 12:43 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-25 21:13 - 2013-08-14 12:43 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-25 21:13 - 2013-08-14 12:43 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-25 21:12 - 2013-08-14 12:43 - 19239424 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 15405056 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-25 21:12 - 2013-08-14 12:43 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-25 19:35 - 2013-08-14 12:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-25 19:13 - 2013-08-14 12:43 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-25 19:13 - 2013-08-14 12:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 14329344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 02048512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-25 19:12 - 2013-08-14 12:43 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-25 19:11 - 2013-08-14 12:43 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-25 19:11 - 2013-08-14 12:43 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-25 18:49 - 2013-08-14 12:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-25 18:39 - 2013-08-14 12:43 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-25 17:59 - 2013-08-14 12:43 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 01:25 - 2013-08-14 05:34 - 01888768 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-25 00:57 - 2013-08-14 05:34 - 01620992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
Files to move or delete:
====================
C:\Users\Sunny\wrar410d.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-08-14 12:29:52
Restore point made on: 2013-08-21 14:00:21
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=Y:
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
extendedinput Yes
default {default}
resumeobject {f04f848d-78e1-11de-b692-abbf25df600e}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {current}
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{075b10b4-affd-11de-898c-814322c93442}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{075b10b4-affd-11de-898c-814322c93442}
systemroot \windows
nx OptIn
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {f04f848d-78e1-11de-b692-abbf25df600e}
nx OptIn
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {f04f848d-78e1-11de-b692-abbf25df600e}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Geräteoptionen
--------------
Bezeichner {075b10b4-affd-11de-898c-814322c93442}
description Ramdisk Options
ramdisksdidevice partition=E:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Optionen zum RAM-Datenträgersetup
---------------------------------
Bezeichner {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 18%
Total physical RAM: 4092.2 MB
Available physical RAM: 3352.11 MB
Total Pagefile: 4090.35 MB
Available Pagefile: 3341.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:452.23 GB) (Free:286.61 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:13.24 GB) (Free:2.21 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 (Disk=0 Partition=4)
Drive h: () (Removable) (Total:0.47 GB) (Free:0.47 GB) FAT (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BCBFB6B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (Size: 481 MB) (Disk ID: 00625660)
Partition 1: (Active) - (Size=481 MB) - (Type=06)
Last Boot: 2013-08-21 14:35
==================== End Of Log ============================