Windows 7: wie entferne ich Profiler.gen.ac und Win32/Matsnu.L?

Riela15 · 14.01.2015, 21:15

Habe drei Scans durchgeführt, nach jedem CleanUp betätigt. Beim Vierten keine Bedrohung mehr gefunden. Hier die Logfiles:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.14.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17501
***** :: +++++ [administrator]

14.01.2015 17:04:26
mbar-log-2015-01-14 (17-04-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 319659
Time elapsed: 23 minute(s), 

Memory Processes Detected: 1
C:\ProgramData\GARMIN\Maps\City Navigator Europe NT 2010.30.gmap\Product1\00330458\antispyware_software\office_web_apps.exe (Trojan.Downloader) -> 5840 -> Delete on reboot. [df70c7309fea92a4a525eb12d62b9769]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 16
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|kkiiweuu (Trojan.Agent.EAJGen) -> Data: C:\Users\*****\AppData\Local\Lpsgds\kvsewweuu.exe -> Delete on reboot. [dc731fd86e1b5adc2b1e14cb7e830af6]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sfjeyykp (Trojan.Agent.EAJGen) -> Data: C:\Users\*****\AppData\Local\Temp\Gubfc\ctthhrpyykp.exe -> Delete on reboot. [a5aabd3a6c1d3df991ba7a652ed3f010]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|uvkvdwyw (Trojan.Agent.EAJGen) -> Data: C:\Users\*****\AppData\Local\Gorebxesay\elenidwyw.exe -> Delete on reboot. [8ec104f3f4959c9a53f889569968c13f]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|cmomffmv (Trojan.Agent.EAJGen) -> Data: C:\Users\*****\AppData\Local\Temp\Piaiohqqbm\pgwcyqfffmv.exe -> Delete on reboot. [eb64f403f29766d04a942ab5d9282bd5]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|scriptplugin32 (Trojan.Agent.WSTGen) -> Data: C:\Users\*****\AppData\Roaming\Script\scriptplugin32.exe -> Delete on reboot. [e56a19de5d2cee482dfce702837ee31d]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|script-dll (Trojan.Krypt) -> Data: C:\Users\*****\AppData\Roaming\Script\script-dll.exe -> Delete on reboot. [1e3100f7becbc67022514a9f04fd1de3]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|update (Trojan.Krypt) -> Data: C:\Users\*****\AppData\Roaming\Update\update.exe -> Delete on reboot. [cd82b146553480b6501be507e0210df3]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|updateservice32 (Trojan.Krypt) -> Data: C:\Users\PAULUS~1\AppData\Local\Temp\Update\updateservice32.exe -> Delete on reboot. [88c7ca2d46433105412abc307988cf31]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|updatestage (Trojan.Krypt) -> Data: C:\Users\PAULUS~1\AppData\Local\Temp\Update\updatestage.exe -> Delete on reboot. [b69947b0dbae142297d459936b96e020]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sim_pin (Trojan.Agent) -> Data: C:\Program Files\Adobe\Reader 11.0\Reader\Browser\question\social_updates.exe -> Delete on reboot. [024d07f0068356e093e220c36f92946c]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|run (Spyware.Citadel) -> Data: C:\Users\*****\AppData\Roaming\Run\run.exe -> Delete on reboot. [46099b5c8504b0866eb7c72c6e931ae6]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|loader-help (Spyware.Citadel) -> Data: C:\Users\*****\AppData\Roaming\Loader\loader-help.exe -> Delete on reboot. [5af5fff8fa8f3df968bdfef5e120a55b]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|firefox64-print64 (Trojan.Inject) -> Data: C:\Users\*****\AppData\Local\Firefox64\firefox64-print64.exe -> Delete on reboot. [fc53797e1178a393cd0267f8c23e8a76]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|avira32frame (Trojan.Inject) -> Data: C:\Users\*****\AppData\Roaming\Avira32\avira32frame.exe -> Delete on reboot. [8ec1797ef79259dd25aa72ed0ef2a759]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|data_sense (Trojan.Tinba) -> Data: C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AB0000000001}\mjgbgq\inventory_order\refresh.exe -> Delete on reboot. [0d42787f1a6fb77fd4cf9a63e02146ba]
HKU\S-1-5-21-2950267747-3488905677-2633809525-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|space (Backdoor.Bot) -> Data: C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\asn_1\authority_key_identifier\search_icon.exe -> Delete on reboot. [c7886b8c2366f640218e54b20cf66e92]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 87
C:\ProgramData\GARMIN\Maps\City Navigator Europe NT 2010.30.gmap\Product1\00330458\antispyware_software\office_web_apps.exe (Trojan.Downloader) -> Delete on reboot. [df70c7309fea92a4a525eb12d62b9769]
C:\Users\*****\AppData\Local\Lpsgds\kvsewweuu.exe (Trojan.Agent.EAJGen) -> Delete on reboot. [dc731fd86e1b5adc2b1e14cb7e830af6]
C:\Users\*****\AppData\Local\Temp\Gubfc\ctthhrpyykp.exe (Trojan.Agent.EAJGen) -> Delete on reboot. [a5aabd3a6c1d3df991ba7a652ed3f010]
C:\Users\*****\AppData\Local\Gorebxesay\elenidwyw.exe (Trojan.Agent.EAJGen) -> Delete on reboot. [8ec104f3f4959c9a53f889569968c13f]
C:\Users\*****\AppData\Local\Temp\Piaiohqqbm\pgwcyqfffmv.exe (Trojan.Agent.EAJGen) -> Delete on reboot. [eb64f403f29766d04a942ab5d9282bd5]
C:\Users\*****\AppData\Roaming\Script\scriptplugin32.exe (Trojan.Agent.WSTGen) -> Delete on reboot. [e56a19de5d2cee482dfce702837ee31d]
C:\Users\*****\AppData\Roaming\Script\script-dll.exe (Trojan.Krypt) -> Delete on reboot. [1e3100f7becbc67022514a9f04fd1de3]
C:\Users\*****\AppData\Roaming\Update\update.exe (Trojan.Krypt) -> Delete on reboot. [cd82b146553480b6501be507e0210df3]
C:\Users\*****\AppData\Local\Temp\Update\updateservice32.exe (Trojan.Krypt) -> Delete on reboot. [88c7ca2d46433105412abc307988cf31]
C:\Users\*****\AppData\Local\Temp\Update\updatestage.exe (Trojan.Krypt) -> Delete on reboot. [b69947b0dbae142297d459936b96e020]
C:\Program Files\Adobe\Reader 11.0\Reader\Browser\question\social_updates.exe (Trojan.Agent) -> Delete on reboot. [024d07f0068356e093e220c36f92946c]
C:\Users\*****\AppData\Roaming\Run\run.exe (Spyware.Citadel) -> Delete on reboot. [46099b5c8504b0866eb7c72c6e931ae6]
C:\Users\*****\AppData\Roaming\Loader\loader-help.exe (Spyware.Citadel) -> Delete on reboot. [5af5fff8fa8f3df968bdfef5e120a55b]
C:\Users\*****\AppData\Local\Firefox64\firefox64-print64.exe (Trojan.Inject) -> Delete on reboot. [fc53797e1178a393cd0267f8c23e8a76]
C:\Users\*****\AppData\Roaming\Avira32\avira32frame.exe (Trojan.Inject) -> Delete on reboot. [8ec1797ef79259dd25aa72ed0ef2a759]
C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AB0000000001}\mjgbgq\inventory_order\refresh.exe (Trojan.Tinba) -> Delete on reboot. [0d42787f1a6fb77fd4cf9a63e02146ba]
C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\asn_1\authority_key_identifier\search_icon.exe (Backdoor.Bot) -> Delete on reboot. [c7886b8c2366f640218e54b20cf66e92]
C:\Users\*****\AppData\Roaming\Farmer_picture\farmer_roof.exe (Backdoor.Agent.STL) -> Delete on reboot. [92bdac4bf396c96d20ee33c9de2326da]
C:\Users\*****\AppData\Roaming\Office7reg\win.exe (Trojan.Inject) -> Delete on reboot. [f25d22d519705adc9e31342b42be2bd5]
C:\Users\*****\AppData\Local\Temp\14B9.tmp (Trojan.Krypt) -> Delete on reboot. [94bb1ed90f7a3303c642558ae71a52ae]
C:\Users\*****\AppData\Local\Temp\1B4E.tmp (Trojan.Krypt) -> Delete on reboot. [242b3bbc08817fb709ff7c630cf5d22e]
C:\Users\*****\AppData\Local\Temp\1B8C.tmp (Trojan.Agent.ED) -> Delete on reboot. [d07f0ee94f3ac76fabaf02fd719018e8]
C:\Users\*****\AppData\Local\Temp\27EA.tmp (Trojan.Agent.ED) -> Delete on reboot. [1d32589f325787af2a304fb0d62bb24e]
C:\Users\*****\AppData\Local\Temp\2A2B.tmp (Trojan.Downloader) -> Delete on reboot. [e46b4ea9acdda0964486a459fc057a86]
C:\Users\*****\AppData\Local\Temp\C11.tmp (Trojan.Agent) -> Delete on reboot. [6ce3a552147524127afbbd2648b91be5]
C:\Users\*****\AppData\Local\Temp\C255.tmp (Trojan.Downloader) -> Delete on reboot. [d17eee094940af87b416b34a4fb247b9]
C:\Users\*****\AppData\Local\Temp\C39D.tmp (Trojan.Agent.ED) -> Delete on reboot. [8bc425d26128e155ce8cf20daf52946c]
C:\Users\*****\AppData\Local\Temp\C7A4.tmp (Trojan.Agent.ED) -> Delete on reboot. [fd52b3446a1faf8732284cb337ca7789]
C:\Users\*****\AppData\Local\Temp\C9D4.tmp (Spyware.Password) -> Delete on reboot. [e16ef9feacdd9e98add856a7a65b32ce]
C:\Users\*****\AppData\Local\Temp\camera.exe (Trojan.Agent.ED) -> Delete on reboot. [ada2f1066029ce68aeace8179869fe02]
C:\Users\*****\AppData\Local\Temp\D972.tmp (Trojan.Agent.ED) -> Delete on reboot. [d37cf8ffb4d57eb87bdf8d7240c1a957]
C:\Users\*****\AppData\Local\Temp\DD92.tmp (Trojan.Downloader) -> Delete on reboot. [eb6419de67224de98149da238180c43c]
C:\Users\*****\AppData\Local\Temp\586B.tmp (Spyware.Password) -> Delete on reboot. [4807f6012663d264de7aca36ba4841bf]
C:\Users\*****\AppData\Local\Temp\5C81.tmp (Trojan.Agent.ED) -> Delete on reboot. [3916bf38583152e4a7b337c820e140c0]
C:\Users\*****\AppData\Local\Temp\5E35.tmp (Trojan.Downloader) -> Delete on reboot. [69e63eb9355477bfac1e9865a859b54b]
C:\Users\*****\AppData\Local\Temp\5EA4.tmp (Trojan.Krypt) -> Delete on reboot. [afa0cc2bc3c654e2ca3e2cb34ab7f907]
C:\Users\*****\AppData\Local\Temp\6962.tmp (Spyware.Password) -> Delete on reboot. [a0af43b42e5b3402df79c93728da1ce4]
C:\Users\*****\AppData\Local\Temp\6BFC.tmp (Trojan.Agent.ED) -> Delete on reboot. [e46b6097f3967fb7ca9058a7b74a58a8]
C:\Users\*****\AppData\Local\Temp\6D52.tmp (Trojan.Agent.ED) -> Delete on reboot. [9db2f9fe622739fd0d4ddf20c23fcd33]
C:\Users\*****\AppData\Local\Temp\B6B2.tmp (Trojan.FakeAdobe.ED) -> Delete on reboot. [0c43f304a1e8b185e88f1de208f9936d]
C:\Users\*****\AppData\Local\Temp\BC1F.tmp (Trojan.Downloader) -> Delete on reboot. [4906ee09e4a551e504c624d9956c817f]
C:\Users\*****\AppData\Local\Temp\{00000083-EBE5-FC76} (Trojan.Agent.WSTGen) -> Delete on reboot. [f45b29ceacddc27427ca9851827fa45c]
c:\Users\*****\AppData\Local\Temp\{000004ef-4bfa-ae2d} (Trojan.Agent.ED) -> Delete on reboot. [85cacc2b36532610fb450fda946d33cd]
C:\Users\*****\AppData\Local\Temp\{000017FC-E9C0-92A9} (Trojan.Downloader) -> Delete on reboot. [1d32a651c2c7f442bf0b40bdf40d16ea]
C:\Users\*****\AppData\Local\Temp\{00001DB9-2C57-79FF} (Trojan.Agent) -> Delete on reboot. [57f8f403b5d4a78f3c398d56a958966a]
C:\Users\*****\AppData\Local\Temp\{00004135-627D-B9A} (Trojan.Agent.ED) -> Delete on reboot. [1738a7500a7fe650c4c549baff03dc24]
C:\Users\*****\AppData\Local\Temp\{00004C57-8CF7-DC6E} (Trojan.Agent.WSTGen) -> Delete on reboot. [74db8275addcbf77c928c42521e040c0]
C:\Users\*****\AppData\Local\Temp\{00006FB3-C6C9-842A} (Trojan.Agent.ED) -> Delete on reboot. [aba436c14049122476c86288e41d40c0]
C:\Users\*****\AppData\Local\Temp\E0EE.tmp (Trojan.Agent.ED) -> Delete on reboot. [27284fa8b6d38fa768b9f3f5e71a1de3]
C:\Users\*****\AppData\Local\Temp\E523.tmp (Trojan.Agent.ED) -> Delete on reboot. [ff509f585732f343fb4504e5ad54a65a]
C:\Users\*****\AppData\Local\Temp\E9C3.tmp (Trojan.Krypt) -> Delete on reboot. [50ff3abdfc8d1d19c93f5887867bbb45]
C:\Users\*****\AppData\Local\Temp\EA19.tmp (Trojan.Downloader) -> Delete on reboot. [64ebe71072178babf3d7ba437d8445bb]
C:\Users\*****\AppData\Local\Temp\ECF.tmp (Trojan.Krypt) -> Delete on reboot. [1b341cdb6a1f9d998187508f4eb35fa1]
C:\Users\*****\AppData\Local\Temp\EDF.tmp (Trojan.Agent.ED) -> Delete on reboot. [6de29265f29776c07b94d8273ec37e82]
C:\Users\*****\AppData\Local\Temp\fqjmyvktlq.pre (Trojan.Agent.WSTGen) -> Delete on reboot. [57f8c433ec9d22149b8e638634cd1ee2]
C:\Users\*****\AppData\Local\Temp\CB69.tmp (Trojan.Agent.ED) -> Delete on reboot. [d976e215d2b7bb7b5a00ef109e63738d]
C:\Users\*****\AppData\Local\Temp\81FC.tmp (Trojan.Agent.ED) -> Delete on reboot. [fc53f8ff58315dd9da808c730cf59c64]
C:\Users\*****\AppData\Local\Temp\8BB0.tmp (Trojan.Agent.ED) -> Delete on reboot. [94bb896e89007cbaec6edf209f62c040]
C:\Users\*****\AppData\Local\Temp\8CE4.tmp (Trojan.Agent.ED) -> Delete on reboot. [dd729e59cebbe452d08a7f80da2737c9]
C:\Users\*****\AppData\Local\Temp\904F.tmp (Trojan.Agent.ED) -> Delete on reboot. [212edd1ae8a11224a23e4fa4b34e7b85]
C:\Users\*****\AppData\Local\Temp\93D6.tmp (Trojan.Downloader) -> Delete on reboot. [db74e80fb2d70f27ca002cd1ac55de22]
C:\Users\*****\AppData\Local\Temp\9434.tmp (Trojan.Krypt) -> Delete on reboot. [d47bc4337c0da393699f4b941ce5d62a]
C:\Users\*****\AppData\Local\Temp\9EDD.tmp (Spyware.Password) -> Delete on reboot. [084702f5226750e6cd8b14eccd3517e9]
C:\Users\*****\AppData\Local\Temp\9EFD.tmp (Trojan.Agent.ED) -> Delete on reboot. [cd82c6318cfdee483921cc337d8421df]
C:\Users\*****\AppData\Local\Temp\A46A.tmp (Trojan.Krypt) -> Delete on reboot. [2a25a15619701323cd3b88574cb5aa56]
C:\Users\*****\AppData\Local\Temp\ABF.tmp (Spyware.Password) -> Delete on reboot. [a2add91e44457eb8bb9dcb35d13106fa]
C:\Users\*****\AppData\Local\Temp\35C1.tmp (Trojan.Agent.ED) -> Delete on reboot. [2827c92ecdbcac8a5ce4b2372dd423dd]
C:\Users\*****\AppData\Local\Temp\36E8.tmp (Trojan.Agent.ED) -> Delete on reboot. [99b6c6318405ff37dd441fc9976a916f]
C:\Users\*****\AppData\Local\Temp\F68F.tmp (Trojan.Agent.ED) -> Delete on reboot. [8ac5d720d1b8979f3d03ae3bd130936d]
C:\Users\*****\AppData\Local\Temp\F824.tmp (Trojan.Agent.ED) -> Delete on reboot. [a9a64baca2e7e155fc5e54abbe435ea2]
C:\Users\*****\AppData\Local\Temp\FAB3.tmp (Spyware.Password) -> Delete on reboot. [9eb1de1985044de94d0bd12f946ea858]
C:\Users\*****\AppData\Local\Temp\FD8.tmp (Trojan.Downloader) -> Delete on reboot. [2926cb2c335664d2c70356a702ff6d93]
C:\Users\*****\AppData\Local\Temp\FDC0.tmp (Trojan.Agent.ED) -> Delete on reboot. [63ecac4bbacfab8b71e9af5018e9ac54]
C:\Users\*****\AppData\Local\Temp\7AE.tmp (Trojan.Agent) -> Delete on reboot. [a3ac7e798efbd95dee8715ce33cea957]
c:\Users\*****\AppData\Local\Temp\{000095d1-cab1-5a2e} (Trojan.Agent.ED) -> Delete on reboot. [08471bdc4643aa8c934d3bb8ad5432ce]
c:\Users\*****\AppData\Local\Temp\{0000aad6-f152-336} (Trojan.Agent.ED) -> Delete on reboot. [ef60cb2cb8d1a19564dc3cadb74a1ce4]
C:\Users\*****\AppData\Local\Temp\{0000D09C-2AFE-5B50} (Trojan.Agent.ED) -> Delete on reboot. [5df2a94e137642f4471017eac0427789]
C:\Users\*****\AppData\Local\Temp\DFA4.tmp (Trojan.Agent.ED) -> Delete on reboot. [d37c8f68048582b481d98976c9388a76]
C:\Users\*****\AppData\Local\Temp\40E6.tmp (Trojan.Agent.ED) -> Delete on reboot. [c9864daa3e4b181e1d3db847a55cbf41]
C:\Users\*****\AppData\Local\Temp\4144.tmp (Trojan.Agent.ED) -> Delete on reboot. [4c03d225fe8b63d39dbde51a51b0768a]
C:\Users\*****\AppData\Local\Temp\47AA.tmp (Spyware.Password) -> Delete on reboot. [fa55ee097d0ce4520e4ad62aa959e917]
C:\Users\*****\AppData\Local\Temp\4CA9.tmp (Trojan.Downloader) -> Delete on reboot. [59f61fd8454489adb812ab52c43d946c]
C:\Users\*****\AppData\Local\Temp\4FF3.tmp (Trojan.Agent.ED) -> Delete on reboot. [d679fef9f59467cff7631ae5b54cb44c]
C:\Users\*****\AppData\Local\Temp\Doctor-thank\doctor-project.exe (Backdoor.Agent.STL) -> Delete on reboot. [b699bb3caddcd95d66815ea0669b06fa]
C:\Users\*****\AppData\Local\Doctor-shoulder\doctor_enjoy.exe (Backdoor.Agent.STL) -> Delete on reboot. [ce812bcc29601c1aac3b7f7fe51c966a]
C:\Users\*****\AppData\Local\Rnepwrqbck\uinnimak.exe (Trojan.Agent.WSTGen) -> Delete on reboot. [004f42b503863df9ae947c799a67639d]
C:\Users\*****\AppData\Local\Farmer-golf\farmer_distance.exe (Backdoor.Agent.STLGen) -> Delete on reboot. [9eb144b38aff82b4fa849c6adc26fb05]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.14.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17501
***** :: +++++ [administrator]

14.01.2015 17:39:37
mbar-log-2015-01-14 (17-39-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 319473
Time elapsed: 17 minute(s), 27 second(s)

Memory Processes Detected: 1
C:\ProgramData\GARMIN\Maps\City Navigator Europe NT 2010.30.gmap\Product1\00330464\connection_manager\navigation_pane.exe (Trojan.Downloader) -> 13048 -> Delete on reboot. [58f7a0576326ed492e9ceb12a9585ba5]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\GARMIN\Maps\City Navigator Europe NT 2010.30.gmap\Product1\00330464\connection_manager\navigation_pane.exe (Trojan.Downloader) -> Delete on reboot. [58f7a0576326ed492e9ceb12a9585ba5]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.14.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17501
***** :: +++++ [administrator]

14.01.2015 20:22:00
mbar-log-2015-01-14 (20-22-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 319344
Time elapsed: 15 minute(s), 27 second(s)

Memory Processes Detected: 1
C:\ProgramData\GARMIN\Maps\City Navigator Europe NT 2010.30.gmap\Product1\00330458\antispyware_software\people_tags.exe (Trojan.Downloader) -> 4744 -> Delete on reboot. [cc85b83f1b6e48ee70606796d829dc24]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\GARMIN\Maps\City Navigator Europe NT 2010.30.gmap\Product1\00330458\antispyware_software\people_tags.exe (Trojan.Downloader) -> Delete on reboot. [cc85b83f1b6e48ee70606796d829dc24]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Windows 7: wie entferne ich Profiler.gen.ac und Win32/Matsnu.L?

Plagegeister aller Art und deren Bekämpfung: Windows 7: wie entferne ich Profiler.gen.ac und Win32/Matsnu.L?

Windows 7: wie entferne ich Profiler.gen.ac und Win32/Matsnu.L?

Ähnliche Themen: Windows 7: wie entferne ich Profiler.gen.ac und Win32/Matsnu.L?