Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp...

TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp...


Log-Analyse und Auswertung: TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp...

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 20.12.2011, 00:13   #1
jkf
 
TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp... - Standard

TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp...


Guten Abend,

ich bin in diesem Forum gelandet, weil der Rechner meines Nachbarn bei mir gelandet ist (XP, SP3). Bei diesem Rechner wird durch Avira Antivir Personal der Trojaner TR/Crypt.XPACK.Gen3 2 Mal bei einem Systemscan gemeldet. Das Verschieben in die Quarantäne nutzt nichts, denn nach einem Neustart des Rechners und erneutem Systemscan wird wieder der Trojaner gemeldet.

Nachdem ich mich im Internet umgesehen habe und viele verschiedene Tips gelesen habe, hat mich die Vorgehensweise in diesem Forum sehr überzeugt, weshalb ich bis jetzt die Trojaner nur in die Quarantäne verschickt habe und dann die erforderlichen Logdateien erzeugt habe.

Vielen Dank für Ihre Hilfe.

Die Dateien gmer.txt und Extras.txt, sowie 2 Avira Reports finden sich in der gezippten Datei im Anhang,

Hier folgt nun die OTL.txt:

OTL logfile created on: 18.12.2011 23:12:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\****\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1022,48 Mb Total Physical Memory | 522,82 Mb Available Physical Memory | 51,13% Memory free
2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,18% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 201,95 Gb Free Space | 86,72% Space Free | Partition Type: NTFS

Computer Name: SN116528580310 | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.18 23:07:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\****\Desktop\OTL.exe
PRC - [2011.06.28 19:28:50 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.04 18:54:49 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.13 08:39:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.05.20 15:27:26 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
PRC - [2010.05.20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.03.22 19:08:32 | 000,090,112 | ---- | M] (SOFTWIN S.R.L.) -- C:\Programme\Softwin\BitDefender8\vsserv.exe
PRC - [2006.02.23 12:09:06 | 000,114,784 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
PRC - [2006.02.23 12:09:04 | 000,266,338 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2006.02.23 12:08:36 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\APPS\Powercinema\PCMService.exe
PRC - [2006.02.23 12:08:28 | 001,073,152 | ---- | M] (Cyberlink) -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2006.01.30 09:56:38 | 001,978,368 | ---- | M] () -- C:\APPS\Softex\OmniPass\scureapp.exe
PRC - [2006.01.30 08:47:50 | 000,014,848 | ---- | M] () -- C:\APPS\Softex\OmniPass\OPXPApp.exe
PRC - [2006.01.30 08:47:48 | 000,032,768 | ---- | M] (Softex Inc.) -- C:\APPS\Softex\OmniPass\OmniServ.exe
PRC - [2006.01.13 18:14:46 | 000,086,016 | ---- | M] (Softwin) -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
PRC - [2005.12.23 07:44:42 | 000,864,256 | ---- | M] (Sonic Solutions) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxMediaDB.exe
PRC - [2005.12.23 07:42:02 | 000,155,648 | ---- | M] (Sonic Solutions) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatch.exe
PRC - [2005.11.17 09:51:08 | 000,975,360 | ---- | M] (Packard Bell BV) -- C:\APPS\SMP\SMPSYS.EXE
PRC - [2005.06.03 03:52:54 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
PRC - [2005.04.06 14:09:42 | 000,033,280 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\bdswitch.exe
PRC - [2005.01.24 15:25:38 | 000,069,632 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
PRC - [2005.01.07 11:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe
PRC - [2004.11.26 11:43:34 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2004.11.09 21:36:01 | 001,140,312 | ---- | M] (America Online, Inc.) -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
PRC - [2004.02.26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003.05.02 10:31:50 | 000,024,576 | ---- | M] (NEC Computers International) -- C:\APPS\ABOARD\ABOARD.EXE
PRC - [2003.05.02 10:31:38 | 000,069,632 | ---- | M] (NEC Computers International) -- C:\APPS\ABOARD\AOSD.EXE


========== Modules (No Company Name) ==========

MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.02.23 12:09:06 | 000,114,784 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
MOD - [2006.02.23 12:09:04 | 000,266,338 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
MOD - [2006.02.23 12:08:54 | 000,065,634 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll
MOD - [2006.02.23 12:08:54 | 000,024,576 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSchedps.dll
MOD - [2006.02.23 12:08:52 | 000,225,384 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll
MOD - [2006.02.23 12:08:52 | 000,032,768 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll
MOD - [2006.01.30 09:56:38 | 001,978,368 | ---- | M] () -- C:\APPS\Softex\OmniPass\scureapp.exe
MOD - [2006.01.30 09:03:18 | 000,025,024 | ---- | M] () -- C:\APPS\Softex\OmniPass\hdddrv.dll
MOD - [2006.01.30 08:53:44 | 000,049,152 | ---- | M] () -- C:\APPS\Softex\OmniPass\OPXPGina.dll
MOD - [2006.01.30 08:47:50 | 000,014,848 | ---- | M] () -- C:\APPS\Softex\OmniPass\OPXPApp.exe
MOD - [2006.01.30 08:45:26 | 000,053,248 | ---- | M] () -- C:\APPS\Softex\OmniPass\scuredll.dll
MOD - [2006.01.30 08:45:24 | 000,110,592 | ---- | M] () -- C:\APPS\Softex\OmniPass\ginastub.dll
MOD - [2006.01.30 08:45:04 | 000,307,200 | ---- | M] () -- C:\APPS\Softex\OmniPass\userdata.dll
MOD - [2006.01.30 08:44:50 | 000,901,120 | ---- | M] () -- C:\APPS\Softex\OmniPass\autheng.dll
MOD - [2006.01.30 08:44:36 | 000,012,288 | ---- | M] () -- C:\APPS\Softex\OmniPass\cryptodll.dll
MOD - [2006.01.30 08:44:34 | 000,364,544 | ---- | M] () -- C:\APPS\Softex\OmniPass\storeng.dll
MOD - [2006.01.30 08:44:16 | 000,010,752 | ---- | M] () -- C:\APPS\Softex\OmniPass\SSPLogon.dll
MOD - [2006.01.30 08:33:28 | 002,179,504 | ---- | M] () -- C:\APPS\Softex\OmniPass\sftxtgp.dll
MOD - [2005.12.23 07:26:00 | 004,448,256 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared\ROXIPP4.dll
MOD - [2005.11.04 16:56:34 | 000,073,728 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\bdpop3p.dll
MOD - [2005.10.10 17:12:04 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\sockspy.dll
MOD - [2005.09.19 17:37:08 | 000,132,608 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\libfn.dll
MOD - [2005.06.21 18:35:54 | 000,200,704 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\bdas.dll
MOD - [2005.04.06 14:09:42 | 000,033,280 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\bdswitch.exe
MOD - [2005.01.24 15:25:38 | 000,069,632 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
MOD - [2005.01.07 11:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe
MOD - [2004.07.26 17:11:50 | 000,028,672 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\DetMethod.dll
MOD - [2004.06.09 18:29:48 | 000,043,008 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\mimepack.dll
MOD - [2003.12.10 16:08:08 | 000,049,152 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\mimeinf.dll
MOD - [2003.12.10 16:07:30 | 000,045,056 | ---- | M] () -- C:\Programme\Softwin\BitDefender8\procinf.dll
MOD - [2002.12.06 17:37:06 | 000,503,808 | ---- | M] () -- C:\WINDOWS\system32\xreglib.dll
MOD - [2002.01.14 14:49:00 | 000,045,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\avxdisk.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.06.28 19:28:50 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.04 18:54:49 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.05.20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2006.03.22 19:08:32 | 000,090,112 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Programme\Softwin\BitDefender8\vsserv.exe -- (VSSERV)
SRV - [2006.02.23 12:09:06 | 000,114,784 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006.02.23 12:09:04 | 000,266,338 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006.02.23 12:08:28 | 001,073,152 | ---- | M] (Cyberlink) [Auto | Running] -- c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2006.01.30 08:47:48 | 000,032,768 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\APPS\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2006.01.13 18:14:46 | 000,086,016 | ---- | M] (Softwin) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM)
SRV - [2005.12.27 09:23:16 | 000,045,056 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCom\RoxUpnpRenderer.exe -- (RoxUPnPRenderer)
SRV - [2005.12.27 09:21:22 | 000,409,600 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Roxio\WinOnCD 8\Digital Home\RoxUpnpServer.exe -- (RoxUpnpServer)
SRV - [2005.12.23 07:46:02 | 000,233,472 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxLiveShare.exe -- (RoxLiveShare)
SRV - [2005.12.23 07:44:42 | 000,864,256 | ---- | M] (Sonic Solutions) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxMediaDB.exe -- (RoxMediaDB)
SRV - [2005.12.23 07:42:02 | 000,155,648 | ---- | M] (Sonic Solutions) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatch.exe -- (RoxWatch)
SRV - [2005.01.24 15:25:38 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe -- (bdss)
SRV - [2005.01.07 11:01:52 | 000,049,152 | ---- | M] () [Auto | Running] -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService)
SRV - [2004.11.09 21:36:01 | 001,140,312 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.02.26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2011.06.28 19:28:52 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 19:28:52 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.01.05 04:34:28 | 005,656,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2006.01.09 18:51:38 | 000,010,800 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\Softwin\BitDefender8\bdrsdrv.sys -- (BDRSDRV)
DRV - [2006.01.09 18:50:34 | 000,014,145 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Softwin\BitDefender8\bdfsdrv.sys -- (BDFSDRV)
DRV - [2005.12.27 06:37:08 | 000,050,176 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2005.12.09 16:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.10.22 06:05:00 | 000,311,680 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005.10.22 06:05:00 | 000,119,168 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2005.10.22 06:05:00 | 000,027,264 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005.10.22 06:05:00 | 000,027,136 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005.09.30 11:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.02.23 04:07:34 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\AIDA32 - Enterprise System Information\aida32.sys -- (AIDA32Driver)
DRV - [2003.01.10 22:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001.08.18 04:19:50 | 000,281,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atimtai.sys -- (atimtai)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://format.packardbell.com/cgi-bin/redirect/?country=GE&range=AD&phase=6&key=SEARCH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///C:/APPS/IE/offline/ger.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.03 23:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.05.06 22:31:50 | 000,000,000 | ---D | M]

[2011.02.07 21:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Extensions
[2011.05.06 22:17:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\w6ghrm33.default\extensions
[2011.02.08 09:56:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\w6ghrm33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.19 10:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.20 09:20:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.03 23:54:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.10.16 07:16:38 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.16 07:16:38 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.16 07:16:38 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.16 07:16:38 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.16 07:16:38 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.16 07:16:38 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACTIVBOARD] c:\APPS\ABOARD\ABOARD.EXE (NEC Computers International)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDSwitchAgent] C:\Programme\Softwin\BitDefender8\bdswitch.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Programme\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OmniPass] C:\APPS\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [PCMService] c:\APPS\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] C:\Programme\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [SmpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WiFi Station.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B778C99E-8791-46D4-AE36-E168495B90C3}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - AppInit_DLLs: (sockspy.dll) -C:\WINDOWS\System32\sockspy.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Apps\Softex\OmniPass\opxpgina.dll) - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\APPS\DESKTOP\BG800DL.bmp
O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\BG800DL.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.12.18 23:07:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\****\Desktop\OTL.exe
[2011.12.18 20:00:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.12.04 09:06:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\****\IETldCache
[2011.12.04 00:08:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.12.04 00:07:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.12.04 00:06:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.12.03 23:45:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.12.03 23:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.12.03 23:26:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2011.12.03 23:26:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.12.03 23:14:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.12.03 20:40:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\InstallShield
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.18 23:12:48 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011.12.18 23:07:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\****\Desktop\OTL.exe
[2011.12.18 23:03:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.18 23:03:43 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.18 22:59:56 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\****\defogger_reenable
[2011.12.18 22:58:04 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\****\Desktop\Defogger.exe
[2011.12.18 20:12:54 | 000,297,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.18 20:08:38 | 000,495,078 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.12.18 20:08:38 | 000,471,622 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.18 20:08:38 | 000,100,120 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.12.18 20:08:38 | 000,083,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.18 20:03:27 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.12.18 19:31:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.04 10:30:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Erweiterte Garantie.job
[2011.12.03 23:18:11 | 000,251,712 | ---- | M] () -- C:\ntldr
[2011.12.03 20:42:06 | 000,001,527 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WiFi Station.lnk
[2011.11.27 21:18:30 | 000,002,726 | ---- | M] () -- C:\Dokumente und Einstellungen\****\Eigene Dateien\parcour.rtf
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.18 22:59:56 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\****\defogger_reenable
[2011.12.18 22:58:04 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\****\Desktop\Defogger.exe
[2011.12.03 20:42:06 | 000,001,527 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WiFi Station.lnk
[2011.11.27 21:10:31 | 000,002,726 | ---- | C] () -- C:\Dokumente und Einstellungen\****\Eigene Dateien\parcour.rtf
[2011.06.26 15:19:11 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2011.06.12 11:24:40 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.14 16:59:03 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011.02.20 19:46:52 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL
[2011.02.09 21:54:55 | 000,002,592 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.02.07 22:24:14 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.02.07 22:12:12 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.02.07 22:05:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.02.07 22:05:03 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.02.07 22:05:00 | 000,226,857 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.02.07 22:05:00 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.02.07 18:36:24 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.02.07 18:29:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2011.02.07 18:23:46 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2011.02.07 18:22:20 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011.02.07 18:21:39 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.07 18:12:45 | 000,000,626 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2011.02.07 18:10:36 | 000,006,929 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2011.02.07 18:09:13 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.02.07 18:01:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.06.26 17:21:02 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2006.04.10 14:18:00 | 000,006,741 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.11.22 13:11:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005.11.14 14:40:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005.11.10 11:30:04 | 003,596,288 | R--- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.11.10 11:30:04 | 000,831,488 | R--- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.11.10 11:30:04 | 000,159,744 | R--- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.11.10 11:30:02 | 000,524,288 | R--- | C] () -- C:\WINDOWS\System32\divxsm.exe
[2005.11.10 11:30:02 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\dtu100.dll
[2005.10.10 17:12:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll
[2004.11.30 04:10:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\besch.exe
[2004.11.30 04:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004.08.11 19:13:19 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.11 19:10:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.08.11 19:03:37 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.11 18:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.08.11 18:56:16 | 000,297,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.08.11 18:48:09 | 000,495,078 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.11 18:48:09 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.11 18:48:09 | 000,100,120 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.11 18:48:09 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.11 18:47:49 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.11 18:47:46 | 000,471,622 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.11 18:47:46 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.11 18:47:46 | 000,083,686 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.11 18:47:46 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.11 18:47:45 | 000,004,613 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.11 18:47:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.11 18:47:41 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.08.11 18:47:34 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.11 18:47:34 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.11 18:47:25 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003.10.02 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003.10.02 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2002.12.06 17:37:06 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

========== LOP Check ==========

[2011.02.20 19:46:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011.02.07 21:14:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Whiz
[2011.06.20 09:18:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easybits GO
[2011.07.02 21:01:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.02.07 18:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OD2
[2011.02.07 21:55:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2011.02.07 18:15:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2011.02.07 18:10:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2011.02.23 21:15:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Canon
[2011.11.18 21:35:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\go
[2011.07.02 20:45:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Leadertech
[2011.02.23 21:14:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Ulead Systems
[2011.12.04 10:30:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Erweiterte Garantie.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.02.08 08:30:54 | 000,000,000 | ---D | M] -- C:\003914cbf4e6f12bc5
[2011.02.08 08:26:09 | 000,000,000 | ---D | M] -- C:\259eb95eb31c64f26756e4ba3bc4
[2011.05.13 11:34:15 | 000,000,000 | ---D | M] -- C:\960a64370aa33ab31255b86f2ea30d
[2011.02.07 18:22:43 | 000,000,000 | ---D | M] -- C:\APPS
[2011.02.07 22:04:00 | 000,000,000 | ---D | M] -- C:\ATI
[2011.05.08 19:47:52 | 000,000,000 | ---D | M] -- C:\bc1cbe7a8e3e1eaf14557fd08a
[2011.05.08 19:45:39 | 000,000,000 | ---D | M] -- C:\bc68f6a1d2941146903ec77c91
[2011.02.07 22:39:48 | 000,000,000 | ---D | M] -- C:\c0a9f8b1cf03d418b4
[2011.02.20 19:46:55 | 000,000,000 | ---D | M] -- C:\CanonMP
[2011.02.07 18:07:08 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2011.12.18 20:12:52 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2011.02.07 18:10:07 | 000,000,000 | -H-D | M] -- C:\DIVTOOLS
[2011.02.07 18:36:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.02.07 18:36:31 | 000,000,000 | -HSD | M] -- C:\DRIVERS
[2011.09.05 19:03:28 | 000,000,000 | -HSD | M] -- C:\found.000
[2011.02.07 22:08:48 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.02.07 18:09:52 | 000,000,000 | ---D | M] -- C:\My Music
[2011.02.07 19:43:08 | 000,000,000 | -H-D | M] -- C:\PNP
[2011.07.02 21:01:54 | 000,000,000 | ---D | M] -- C:\ProgramData
[2011.07.02 20:45:17 | 000,000,000 | R--D | M] -- C:\Programme
[2011.02.07 21:09:42 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.12.18 21:16:39 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.18 20:13:21 | 000,000,000 | ---D | M] -- C:\WINDOWS

< %PROGRAMFILES%\*.exe >

Invalid Environment Variable: LOCALAPPDATA

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]


< MD5 for: AFD.SYS >
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\SoftwareDistribution\Download\43f8920a763d09a9c6404053368aa5ee\SP3GDR\afd.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2008.04.13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\SoftwareDistribution\Download\e424457fa03b62ac525a28d5c035253c\sp3qfe\afd.sys
[2008.08.14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008.08.14 10:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2004.08.04 14:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
[2008.08.14 10:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\SoftwareDistribution\Download\e424457fa03b62ac525a28d5c035253c\sp3gdr\afd.sys
[2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2008.06.20 11:44:38 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=944CA435BFCFC82CC1ED9E3A7D731AA9 -- C:\WINDOWS\$NtUninstallKB956803_0$\afd.sys
[2008.06.20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008.06.20 11:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
[2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
[2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\SoftwareDistribution\Download\43f8920a763d09a9c6404053368aa5ee\SP3QFE\afd.sys

< MD5 for: EXPLORER.EXE >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: IPSEC.SYS >
[2008.04.13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
[2008.04.13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2004.08.04 14:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys

< MD5 for: REGEDIT.EXE >
[2004.08.04 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004.08.04 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\I386\REGEDIT.EXE
[2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe

< MD5 for: USERINIT.EXE >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2011.11.23 15:40:13 | 001,859,712 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-18 19:08:54

< >

< End of report >

 

Themen zu TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp...
0x00000001, antivir, avira, bho, c:\windows\system32\rundll32.exe, defender, download, einstellungen, explorer, firefox, fontcache, format, hdaudio.sys, home, internet, logfile, microsoft, neustart, packard bell, plug-in, realtek, registry, required, rundll, security, security update, software, temp, tr/crypt.xpack.ge, tr/crypt.xpack.gen, trojaner, win32k.sys, windows, winlogon, winlogon.exe


« Ihr Windowssystem wurde aus sicherheitsgründen Blockiert! | Firefox öffnet immer ein tab mit einerleeren seite (mit inhalt google) »


Ähnliche Themen: TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp...


  1. tr/crypt.xpack.gen3 und AVIRA
    Plagegeister aller Art und deren Bekämpfung - 25.12.2014 (3)
  2. Avira Guard meldet TR/Crypt.XPACK.Gen3 - Trojaner
    Log-Analyse und Auswertung - 26.05.2013 (25)
  3. Avira schlägt bei Spielinstallation an: TR/Crypt.XPACK.Gen3
    Log-Analyse und Auswertung - 22.01.2012 (2)
  4. tr/crypt.xpack.gen3 in c:\windows\temp
    Log-Analyse und Auswertung - 02.06.2011 (11)
  5. AVIRA AntiVir findet TR/Crypt.XPACK.Gen3 und TR/Spy.399872.36
    Plagegeister aller Art und deren Bekämpfung - 31.03.2011 (26)
  6. tr crypt.xpack.gen3 und Absturz AntiVir
    Plagegeister aller Art und deren Bekämpfung - 20.03.2011 (19)
  7. AntiVir: TR/Crypt.XPACK.Gen3 in Firefox-Cache
    Plagegeister aller Art und deren Bekämpfung - 11.03.2011 (42)
  8. crypt.xpack.gen3 Fund durch AntiVir
    Plagegeister aller Art und deren Bekämpfung - 24.02.2011 (9)
  9. AVIRA findet TR/Crypt.XPACK.Gen3 in C:\Windows\..\..\..\\local\imezezoc.dll
    Plagegeister aller Art und deren Bekämpfung - 04.01.2011 (2)
  10. Avira fand TR/Crypt.XPACK.Gen3. bin ich sicher?
    Plagegeister aller Art und deren Bekämpfung - 09.12.2010 (4)
  11. TR/Crypt.XPACK.Gen3 von Avira Guard gefunden
    Plagegeister aller Art und deren Bekämpfung - 19.11.2010 (9)
  12. Infizierung mit "TR/Crypt.XPACK.Gen3" in C:/Windows/Temp/...
    Plagegeister aller Art und deren Bekämpfung - 23.10.2010 (4)
  13. infizierung: TR/Crypt.XPACK.Gen3" in C:/Windows/Temp/...
    Mülltonne - 18.10.2010 (1)
  14. TR/Crypt.XPACK.Gen3 und TR/Dropper.Gen in C:\Windows\Temp\
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (4)
  15. TR/crypt.xpack.gen3 in Vista im Ordner c:\windows\temp\TMP....
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (8)
  16. 'TR/Crypt.XPACK.Gen3' in C:\WINDOWS\Temp\TMP24.tmp
    Plagegeister aller Art und deren Bekämpfung - 09.10.2010 (1)
  17. Massenweise Viren werden in Windows/Temp erstellt (Tr/Crypt.xpack.Gen3+TR/Crypt.Pepn.Gen und andere)
    Plagegeister aller Art und deren Bekämpfung - 08.10.2010 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp... - Guten Abend, ich bin in diesem Forum gelandet, weil der Rechner meines Nachbarn bei mir gelandet ist (XP, SP3). Bei diesem Rechner wird durch Avira Antivir Personal der Trojaner TR/Crypt.XPACK.Gen3 - TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp......
Archiv
Du betrachtest: TR/Crypt.XPACK.Gen3 von Avira Antivir Personal gemeldet in C:\Windows\Temp\tmp... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131