Log analysis and evaluation: Removing TR/Crypt.ZPACK.Gen and ADWARE/NaviPromo.2.93

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#16

Removing TR/Crypt.ZPACK.Gen and ADWARE/NaviPromo.2.93

Hello Arne, here is the log from Gmer:

GMER Logfile:

```
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-08-06 22:33:54
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500BEVS-22UST0 rev.01.01A01
Running: 7zv4zip8.exe; Driver: C:\Users\***\AppData\Local\Temp\pgtdypoc.sys

---- System - GMER 1.0.15 ----

SSDT 8C6F775E ZwCreateSection
SSDT 8C6F7763 ZwSetContextThread
SSDT 8C6F76FF ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 215 820B4998 4 Bytes [5E, 77, 6F, 8C]
.text ntkrnlpa.exe!KeSetEvent + 56D 820B4CF0 4 Bytes [63, 77, 6F, 8C]
.text ntkrnlpa.exe!KeSetEvent + 621 820B4DA4 4 Bytes [FF, 76, 6F, 8C]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [10002300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Skype\Phone\Skype.exe[3216] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [10002300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Skype\Phone\Skype.exe[3216] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Skype\Phone\Skype.exe[3216] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!GetProcAddress] [10002690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Skype\Phone\Skype.exe[3216] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!LoadLibraryA] [10001290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\program files\avira\antivir desktop\avcenter.exe[4144] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [053E2300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\program files\avira\antivir desktop\avcenter.exe[4144] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [053E1B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\program files\avira\antivir desktop\avcenter.exe[4144] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [053E2690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\program files\avira\antivir desktop\avcenter.exe[4144] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [053E1290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
```

_____________________________

the rest follows....