Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
GVU Trojaner Windows 7 32bit

GVU Trojaner Windows 7 32bit


Plagegeister aller Art und deren Bekämpfung: GVU Trojaner Windows 7 32bit

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 03.09.2013, 18:10   #3
Optical
 
GVU Trojaner Windows 7 32bit - Standard

GVU Trojaner Windows 7 32bit


Hier bitteschön, hoffe es hilf dir weiter.



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2013
Ran by SYSTEM on MININT-VD57GID on 03-09-2013 17:07:02
Running from H:\
Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CHotkey] - C:\Windows\zHotkey.exe [543232 2004-05-17] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd [x]
HKLM\...\Run: [AVMWlanClient] - C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-21] (AVM Berlin)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-02] (Sun Microsystems, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2254768 2012-12-10] (LogMeIn Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [aSQw8ccL0] - C:\Users\Hani\AppData\Local\xajhmqxegrrunejqwqm.bfg [144384 2013-07-31] ()
HKU\Hani\...\Run: [Google Update] - C:\Users\Hani\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-06-28] (Google Inc.)
HKU\Hani\...\Run: [Logitech Vid] - C:\Program Files\Logitech\Logitech Vid\vid.exe [ 2009-07-16] (Logitech Inc.)
HKU\Hani\...\Run: [Facebook Update] - C:\Users\Hani\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-07-11] (Facebook Inc.)
HKU\Hani\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-04-19] (Skype Technologies S.A.)
HKU\Hani\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2013-03-14] (Disc Soft Ltd)
HKU\Hani\...\Run: [Optimizer Pro] - C:\Program Files\Optimizer Pro\OptProLauncher.exe [ 2012-10-30] (PC Utilities Pro)
HKU\Hani\...\Run: [Spotify] - C:\Users\Hani\AppData\Roaming\Spotify\Spotify.exe [ 2013-07-06] (Spotify Ltd)
HKU\Hani\...\Run: [Spotify Web Helper] - C:\Users\Hani\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-07-06] (Spotify Ltd)
HKU\Hani\...\Run: [aSQw8ccL0] - C:\Users\Hani\AppData\Local\xajhmqxegrrunejqwqm.bfg [ 2013-07-31] ()
HKU\Hani\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Hani\AppData\Local\Temp\ndeairvrmjnxfewww.exe [ 2013-09-02] (Valve Corporation) <===== ATTENTION
HKU\Hani\...\Winlogon: [Shell] cmd.exe [ 2010-11-20] (Microsoft Corporation) <==== ATTENTION 
HKU\Hani\...\Command Processor: "C:\Users\Hani\AppData\Local\Temp\ndeairvrmjnxfewww.exe" <===== ATTENTION!
HKU\Mcx1-HANI-PC\...\Run: [Google Update] - C:\Users\Hani\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-06-28] (Google Inc.)
HKU\Mcx1-HANI-PC\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-04-19] (Skype Technologies S.A.)
HKU\Mcx1-HANI-PC\...\Run: [Exetender] - "C:\Program Files\Free Ride Games\GPlayer.exe" /schedule 300000 [x]
HKU\Mcx1-HANI-PC\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [ 2009-07-13] (Microsoft Corporation) <==== ATTENTION 
IMEO\chrome.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IMEO\setup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\Users\Hani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk ->  (No File)

========================== Services (Whitelisted) =================

S2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-03] (Akamai Technologies, Inc.)
S2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-21] (AVM Berlin)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1435568 2012-12-10] (LogMeIn Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [4122968 2011-06-19] (INCA Internet Co., Ltd.)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-08-02] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-09-19] (TuneUp Software)
S2 Video downloader Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [188760 2013-07-23] ()
S2 Apache2.2; "C:\xampp\apache\bin\httpd.exe" -k runservice [x]
S3 CGVPNCliSrvc; C:\CyberGhost VPN\CGVPNCliService.exe [x]
S2 FileZilla Server; "C:\xampp\filezillaftp\filezillaserver.exe" [x]
S2 mysql; c:\xampp\mysql\bin\mysqld.exe --defaults-file=c:\xampp\mysql\bin\my.ini mysql [x]

==================== Drivers (Whitelisted) ====================

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-09-30] (AVM Berlin)
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
S3 cmudax; C:\Windows\System32\drivers\cmudax.sys [1287296 2005-05-12] (C-Media Inc.)
S3 drhard; C:\Windows\system32\DRIVERS\DRHARD.SYS [23600 2005-12-01] (Licensed for Gebhard Software)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-09-03] (DT Soft Ltd)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-09-30] (AVM GmbH)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-06] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2007-10-11] (Logitech Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [490776 2007-10-11] (Logitech Inc.)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-05-24] (AnchorFree Inc)
S1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [22632 2011-05-12] (TamoSoft)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-10-31] (OpenLibSys.org)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S2 X6XSEx; \??\C:\Program Files\Free Ride Games\X6XSEx.Sys [x]
S3 XDva385; \??\C:\Windows\system32\XDva385.sys [x]
S3 XDva386; \??\C:\Windows\system32\XDva386.sys [x]
S3 XDva390; \??\C:\Windows\system32\XDva390.sys [x]
S3 XDva391; \??\C:\Windows\system32\XDva391.sys [x]
S3 XDva392; \??\C:\Windows\system32\XDva392.sys [x]
S3 XDva394; \??\C:\Windows\system32\XDva394.sys [x]
S3 XDva399; \??\C:\Windows\system32\XDva399.sys [x]
S3 XDva400; \??\C:\Windows\system32\XDva400.sys [x]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 05:46 - 2013-09-03 05:46 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-03 05:45 - 2013-09-03 05:45 - 00242240 _____ (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-09-03 05:45 - 2013-09-03 05:45 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-02 15:58 - 2013-09-03 05:47 - 00000000 ____D C:\Windows\System32\%LocalAppData%
2013-09-02 15:47 - 2013-09-02 15:47 - 00163071 _____ C:\ProgramData\2433f433
2013-09-02 15:47 - 2013-09-02 15:47 - 00163032 _____ C:\Users\Hani\AppData\Local\2433f433
2013-09-02 15:47 - 2013-09-02 15:47 - 00163011 _____ C:\Users\Hani\AppData\Roaming\2433f433
2013-08-31 01:57 - 2013-09-03 06:57 - 00000952 _____ C:\Windows\setupact.log
2013-08-31 01:57 - 2013-09-03 05:56 - 00001618 _____ C:\Windows\PFRO.log
2013-08-31 01:57 - 2013-08-31 01:57 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 15:44 - 2013-08-30 16:14 - 00000000 ___RD C:\Users\Hani\Desktop\Backgrounds
2013-08-30 02:05 - 2013-07-25 19:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-30 02:05 - 2013-07-25 19:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-30 02:05 - 2013-07-25 19:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-30 02:05 - 2013-07-25 19:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-30 02:05 - 2013-07-25 19:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-30 02:05 - 2013-07-25 19:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-30 02:05 - 2013-07-25 19:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-30 02:05 - 2013-07-25 18:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-30 02:05 - 2013-07-25 17:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-29 05:13 - 2013-07-08 21:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-29 05:13 - 2013-07-08 21:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-29 05:13 - 2013-07-08 20:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-29 05:13 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-29 05:13 - 2013-07-08 20:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-29 05:13 - 2013-07-08 20:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-29 05:13 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-29 05:13 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-29 05:12 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-29 05:12 - 2013-07-05 21:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-29 05:10 - 2013-07-18 17:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-29 05:10 - 2013-06-14 19:40 - 00918528 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-08-29 05:10 - 2013-06-14 19:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-06 01:56 - 2013-08-06 01:56 - 00001144 _____ C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2013-08-06 01:56 - 2013-08-06 01:56 - 00001132 _____ C:\Users\Public\Desktop\Game Booster 3.lnk
2013-08-06 01:56 - 2013-08-06 01:56 - 00000000 ____D C:\Program Files\IObit

==================== One Month Modified Files and Folders =======

2013-09-03 17:06 - 2013-09-03 17:06 - 00000000 ____D C:\FRST
2013-09-03 06:57 - 2013-08-31 01:57 - 00000952 _____ C:\Windows\setupact.log
2013-09-03 06:51 - 2013-05-31 01:27 - 01052965 _____ C:\Windows\WindowsUpdate.log
2013-09-03 06:42 - 2011-07-30 05:52 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-09-03 05:56 - 2013-08-31 01:57 - 00001618 _____ C:\Windows\PFRO.log
2013-09-03 05:47 - 2013-09-02 15:58 - 00000000 ____D C:\Windows\System32\%LocalAppData%
2013-09-03 05:47 - 2011-05-03 02:17 - 01644472 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-03 05:46 - 2013-09-03 05:46 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-03 05:45 - 2013-09-03 05:45 - 00242240 _____ (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-09-03 05:45 - 2013-09-03 05:45 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-03 02:56 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-09-02 15:50 - 2011-07-17 07:13 - 00000000 ____D C:\Users\Hani\AppData\Local\PMB Files
2013-09-02 15:47 - 2013-09-02 15:47 - 00163071 _____ C:\ProgramData\2433f433
2013-09-02 15:47 - 2013-09-02 15:47 - 00163032 _____ C:\Users\Hani\AppData\Local\2433f433
2013-09-02 15:47 - 2013-09-02 15:47 - 00163011 _____ C:\Users\Hani\AppData\Roaming\2433f433
2013-09-02 15:39 - 2012-08-12 16:20 - 00000000 ____D C:\Users\Hani\AppData\Roaming\BrowserCompanion
2013-09-02 14:31 - 2011-07-17 07:13 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-02 08:16 - 2011-05-03 03:42 - 00000000 ____D C:\Users\Hani\AppData\Roaming\Skype
2013-09-02 02:19 - 2013-05-24 11:30 - 00000000 ____D C:\Users\Hani\AppData\Roaming\Spotify
2013-09-02 02:13 - 2011-06-19 02:49 - 00000000 ____D C:\Users\Hani\AppData\Local\LogMeIn Hamachi
2013-09-02 01:57 - 2009-07-13 20:34 - 00016624 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-02 01:57 - 2009-07-13 20:34 - 00016624 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 16:01 - 2011-05-31 06:00 - 00000000 ____D C:\Users\Hani\AppData\Local\Adobe
2013-09-01 04:24 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-31 01:57 - 2013-08-31 01:57 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 16:20 - 2013-02-10 13:40 - 00000000 ___RD C:\Users\Hani\Desktop\Games
2013-08-30 16:19 - 2012-10-27 10:43 - 00000000 ___RD C:\Users\Hani\Desktop\Ahmed's Krims Krams
2013-08-30 16:14 - 2013-08-30 15:44 - 00000000 ___RD C:\Users\Hani\Desktop\Backgrounds
2013-08-30 16:13 - 2011-05-03 02:11 - 00000000 ___RD C:\users\Hani
2013-08-30 08:43 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-08-30 02:10 - 2013-07-17 13:38 - 00000000 ____D C:\Windows\System32\MRT
2013-08-30 02:09 - 2011-05-06 05:38 - 75778376 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-08-29 13:10 - 2013-05-24 11:31 - 00000000 ____D C:\Users\Hani\AppData\Local\Spotify
2013-08-29 05:57 - 2012-08-16 04:24 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-29 05:57 - 2011-05-17 07:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-06 18:22 - 2011-05-03 02:31 - 00238872 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-08-06 11:12 - 2011-06-11 01:10 - 00282296 _____ C:\Windows\System32\PnkBstrB.xtr
2013-08-06 11:12 - 2011-05-07 15:06 - 00282296 _____ C:\Windows\System32\PnkBstrB.ex0
2013-08-06 11:03 - 2011-05-07 15:06 - 00139648 _____ C:\Windows\System32\Drivers\PnkBstrK.sys
2013-08-06 11:01 - 2011-05-07 15:06 - 00282296 _____ C:\Windows\System32\PnkBstrB.exe
2013-08-06 01:56 - 2013-08-06 01:56 - 00001144 _____ C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2013-08-06 01:56 - 2013-08-06 01:56 - 00001132 _____ C:\Users\Public\Desktop\Game Booster 3.lnk
2013-08-06 01:56 - 2013-08-06 01:56 - 00000000 ____D C:\Program Files\IObit
2013-08-06 01:56 - 2011-05-03 02:45 - 00000000 ____D C:\ProgramData\IObit
2013-08-05 07:44 - 2013-07-21 02:21 - 00000000 ____D C:\Users\Hani\Documents\TmForever

Files to move or delete:
====================
C:\Users\Hani\AppData\Local\Temp\ndeairvrmjnxfewww.exe
C:\Users\Hani\jagex_cl_loginapplet_LIVE.dat
C:\Users\Hani\jagex_cl_runescape_LIVE.dat
C:\Users\Hani\jagex_cl_runescape_LIVE1.dat
C:\Users\Hani\jagex_runescape_preferences.dat
C:\Users\Hani\jagex_runescape_preferences2.dat
C:\Users\Hani\random.dat
C:\Users\Hani\AppData\Local\Temp\ndeairvrmjnxfewww.dll
C:\Users\Hani\AppData\Local\Temp\SkypeSetup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\Setup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\VisualCRT\vc2008redist_x86.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DSETUP.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\dsetup32.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DXSETUP.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\data\Star Wars - The Old Republic Uninstaller.exe

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 55%
Total physical RAM: 1022.49 MB
Available physical RAM: 456.76 MB
Total Pagefile: 1022.49 MB
Available Pagefile: 459.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.03 GB) (Free:2.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (BACKUP) (Fixed) (Total:30.15 GB) (Free:6.13 GB) NTFS
Drive e: () (Fixed) (Total:41.93 GB) (Free:41.84 GB) NTFS
Drive f: (RECOVER) (Fixed) (Total:2.93 GB) (Free:0.56 GB) FAT32
Drive g: (Deutsch Hörbuch) (CDROM) (Total:4.38 GB) (Free:4.23 GB) UDF
Drive h: (HBCD 152) (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: ACABACAB)
Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=75 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 008A70BE)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)


LastRegBack: 2013-08-02 15:35

==================== End Of Log ============================
--- --- ---


MfG Optical
__________________
 

Themen zu GVU Trojaner Windows 7 32bit
32bit, abend, anhang, bild, brauche, community, dringendes, geklappt, gestern, komplett, laufwerk, liebe, neu, nicht mehr, probiert, problem, thema, troja, trojaner, usb, versuch, versucht, vieles, windows, windows 7


« GVU Interpol Merkel-Trojaner Windows XP abgesicherter Modus startet nicht | TR/ATRAPS.Gen2 in Windows 7 »


Ähnliche Themen: GVU Trojaner Windows 7 32bit


  1. Alter laptop Windows vista sp2 32bit: (vermutlich)virus blockt Windows services und einige Internet verbindungen
    Log-Analyse und Auswertung - 04.11.2014 (3)
  2. Interpol-Trojaner (ukash) auf Windows XP-Rechner (32Bit)
    Plagegeister aller Art und deren Bekämpfung - 16.07.2014 (28)
  3. Windows 8.1 32bit Email der Anwalt Ebay GmbH Anhang geöffnet -> Trojaner?
    Log-Analyse und Auswertung - 09.07.2014 (13)
  4. Windows Vista 32Bit Interpol-Trojaner, Österr.
    Log-Analyse und Auswertung - 05.03.2014 (21)
  5. Windows 7 (32bit): Virenfund und Windows Firewall kann nicht aktiviert werden
    Log-Analyse und Auswertung - 03.02.2014 (9)
  6. BKA-Trojaner Sperrbildschirm Windows Vista (32bit) kein abgesicherter Modus
    Log-Analyse und Auswertung - 07.01.2014 (14)
  7. Windows 7 - 32bit: Windows Explorer schließt von selbst.
    Plagegeister aller Art und deren Bekämpfung - 20.12.2013 (6)
  8. Windows 8: 32bit. Trojaner/Virenproblem, extrem langsam, Dropbox aktualisiert ständig.
    Plagegeister aller Art und deren Bekämpfung - 24.11.2013 (9)
  9. Windows 7, 32Bit, Trojaner: Notebookbildschirm schwarz
    Log-Analyse und Auswertung - 04.11.2013 (20)
  10. GVU-Trojaner - Windows XP 32Bit
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (39)
  11. Laptop mit Windows Vista (32bit) infiziert mit JS/Agent.480412 (BKA-Trojaner)
    Plagegeister aller Art und deren Bekämpfung - 23.05.2013 (12)
  12. GVU Trojaner Windows XP 32bit
    Plagegeister aller Art und deren Bekämpfung - 08.03.2013 (15)
  13. Windows 7 32bit - GVU Trojaner 11.3 - Trojan.Wheelsof.gen
    Plagegeister aller Art und deren Bekämpfung - 01.12.2012 (2)
  14. GVU Trojaner - Windows 7 - 32bit
    Log-Analyse und Auswertung - 15.11.2012 (17)
  15. GVU Trojaner 2.07 Windows 7 32bit
    Log-Analyse und Auswertung - 26.09.2012 (9)
  16. GVU-Trojaner auf Laptop (Windows Vista / 32bit System)
    Plagegeister aller Art und deren Bekämpfung - 07.09.2012 (7)
  17. GVU Trojaner Windows XP 32bit
    Log-Analyse und Auswertung - 02.04.2012 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema GVU Trojaner Windows 7 32bit - Hier bitteschön, hoffe es hilf dir weiter. FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2013 Ran by SYSTEM on MININT-VD57GID - GVU Trojaner Windows 7 32bit...
Archiv
Du betrachtest: GVU Trojaner Windows 7 32bit auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19