Log analysis and evaluation: tr crypt.xpack.gen Please help. Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#7

tr crypt.xpack.gen Please help.

I'm not a woman, it's not worth fighting over me.

So, here again regarding point 4:

For DAPBHO.dll:

Code:
```
Datei DAPBHO.dll empfangen 2009.09.19 09:39:27 (UTC)
Ergebnis: 0/41 (0%)

Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.24 2009.09.19 -
AhnLab-V3 5.0.0.2 2009.09.19 -
AntiVir 7.9.1.19 2009.09.18 -
Antiy-AVL 2.0.3.7 2009.09.18 -
Authentium 5.1.2.4 2009.09.19 -
Avast 4.8.1351.0 2009.09.18 -
AVG 8.5.0.412 2009.09.19 -
BitDefender 7.2 2009.09.19 -
CAT-QuickHeal 10.00 2009.09.19 -
ClamAV 0.94.1 2009.09.19 -
Comodo 2366 2009.09.19 -
DrWeb 5.0.0.12182 2009.09.19 -
eSafe 7.0.17.0 2009.09.17 -
eTrust-Vet 31.6.6746 2009.09.18 -
F-Prot 4.5.1.85 2009.09.18 -
F-Secure 8.0.14470.0 2009.09.18 -
Fortinet 3.120.0.0 2009.09.19 -
GData 19 2009.09.19 -
Ikarus T3.1.1.72.0 2009.09.19 -
Jiangmin 11.0.800 2009.09.19 -
K7AntiVirus 7.10.848 2009.09.18 -
Kaspersky 7.0.0.125 2009.09.19 -
McAfee 5745 2009.09.18 -
McAfee+Artemis 5745 2009.09.18 -
McAfee-GW-Edition 6.8.5 2009.09.18 -
Microsoft 1.5005 2009.09.19 -
NOD32 4439 2009.09.19 -
Norman 6.01.09 2009.09.18 -
nProtect 2009.1.8.0 2009.09.19 -
Panda 10.0.2.2 2009.09.18 -
PCTools 4.4.2.0 2009.09.18 -
Prevx 3.0 2009.09.19 -
Rising 21.47.52.00 2009.09.19 -
Sophos 4.45.0 2009.09.19 -
Sunbelt 3.2.1858.2 2009.09.19 -
Symantec 1.4.4.12 2009.09.19 -
TheHacker 6.5.0.2.012 2009.09.18 -
TrendMicro 8.950.0.1094 2009.09.18 -
VBA32 3.12.10.10 2009.09.18 -
ViRobot 2009.9.18.1943 2009.09.18 -
VirusBuster 4.6.5.0 2009.09.18 -

weitere Informationen
File size: 98304 bytes
MD5...: 8fb460381cfa2bafcc976973b3e0264a
SHA1..: d0c191923420945bf265e67083c7af0b677375ab
SHA256: e800bdd8e230ba53110ad8b1bb0b509b91b288679be6c4455ddd2ce5a611a867
ssdeep: 1536:kiArk3z4TBRkT3H6HvJJWcYlHyzmBJgC:kiArTFRkcYlHyzm
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x87cd
timedatestamp.....: 0x3f97fb7e (Thu Oct 23 16:02:06 2003)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xc575 0xd000 6.24 ad1da692725562c85280b0c822ffdd51
.rdata 0xe000 0x1de3 0x2000 5.11 2e17ad533414ad987bb9f3999a505db4
.data 0x10000 0x6f08 0x4000 1.92 e41d06a9991205ab29b88d931a0a129e
.rsrc 0x17000 0x1708 0x2000 3.63 a7ed5f3991f91ce9e4be02cfc9a3c845
.reloc 0x19000 0x1570 0x2000 3.40 b33a69249cb86aee4c406bd6742ec560

( 8 imports )
> KERNEL32.dll: CreateFileA, lstrlenA, GetFileSize, SetFilePointer, GetLastError, CloseHandle, FlushFileBuffers, GetSystemTime, MultiByteToWideChar, CreateProcessA, Sleep, WriteFile, InterlockedIncrement, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, WideCharToMultiByte, DisableThreadLibraryCalls, lstrcatA, lstrlenW, lstrcmpiA, LocalFree, TlsGetValue, SetLastError, HeapReAlloc, HeapAlloc, HeapSize, GetCPInfo, IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, SetUnhandledExceptionFilter, VirtualFree, VirtualAlloc, HeapDestroy, GetVersionExA, HeapCreate, GetStringTypeW, GetStringTypeA, lstrcpyA, LoadLibraryA, GetProcAddress, GetOEMCP, GetACP, InterlockedDecrement, RtlUnwind, GetCommandLineA, GetVersion, RaiseException, ExitProcess, TerminateProcess, GetCurrentProcess, LCMapStringW, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, HeapFree, LCMapStringA, GetModuleHandleA, GetEnvironmentVariableA, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW
> USER32.dll: SendMessageA, wsprintfA, FindWindowA, MessageBoxA, LoadStringA, GetClassNameA, PostMessageA
> ADVAPI32.dll: RegEnumKeyA, RegEnumValueA, RegDeleteKeyA, RegOpenKeyExA, RegCloseKey, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, RegOpenKeyA
> ole32.dll: CoCreateInstance, CoTaskMemAlloc, CoTaskMemFree, StringFromCLSID, CoDisconnectObject
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -
> urlmon.dll: CoInternetGetSession
> WININET.dll: InternetGetCookieA
> ATL.DLL: -, -, -, -, -, -, -, -, -

( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
RDS...: NSRL Reference Data Set
-
trid..: DirectShow filter (52.6%)
Windows OCX File (32.2%)
Win32 Executable MS Visual C++ (generic) (9.8%)
Win32 Executable Generic (2.2%)
Win32 Dynamic Link Library (generic) (1.9%)
pdfid.: -
sigcheck:
publisher....: Speedbit Ltd.
copyright....: Copyright 2001-2002
product......: DAPBHO Module
description..: DAP IE Browser Helper Module
original name: DAPBHO.DLL
internal name: DAPBHO
file version.: 5, 3, 9, 5
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
```

For cy37722.dll:

Code:
```
Datei cy37722.dll empfangen 2009.09.19 09:42:26 (UTC)
Ergebnis: 0/40 (0%)

Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.24 2009.09.19 -
AhnLab-V3 5.0.0.2 2009.09.19 -
AntiVir 7.9.1.19 2009.09.18 -
Antiy-AVL 2.0.3.7 2009.09.18 -
Authentium 5.1.2.4 2009.09.19 -
Avast 4.8.1351.0 2009.09.18 -
AVG 8.5.0.412 2009.09.19 -
BitDefender 7.2 2009.09.19 -
CAT-QuickHeal 10.00 2009.09.19 -
ClamAV 0.94.1 2009.09.19 -
Comodo 2366 2009.09.19 -
DrWeb 5.0.0.12182 2009.09.19 -
eTrust-Vet 31.6.6746 2009.09.18 -
F-Prot 4.5.1.85 2009.09.18 -
F-Secure 8.0.14470.0 2009.09.18 -
Fortinet 3.120.0.0 2009.09.19 -
GData 19 2009.09.19 -
Ikarus T3.1.1.72.0 2009.09.19 -
Jiangmin 11.0.800 2009.09.19 -
K7AntiVirus 7.10.848 2009.09.18 -
Kaspersky 7.0.0.125 2009.09.19 -
McAfee 5745 2009.09.18 -
McAfee+Artemis 5745 2009.09.18 -
McAfee-GW-Edition 6.8.5 2009.09.18 -
Microsoft 1.5005 2009.09.19 -
NOD32 4439 2009.09.19 -
Norman 6.01.09 2009.09.18 -
nProtect 2009.1.8.0 2009.09.19 -
Panda 10.0.2.2 2009.09.18 -
PCTools 4.4.2.0 2009.09.18 -
Prevx 3.0 2009.09.19 -
Rising 21.47.52.00 2009.09.19 -
Sophos 4.45.0 2009.09.19 -
Sunbelt 3.2.1858.2 2009.09.19 -
Symantec 1.4.4.12 2009.09.19 -
TheHacker 6.5.0.2.012 2009.09.18 -
TrendMicro 8.950.0.1094 2009.09.18 -
VBA32 3.12.10.10 2009.09.18 -
ViRobot 2009.9.18.1943 2009.09.18 -
VirusBuster 4.6.5.0 2009.09.18 -

weitere Informationen
File size: 225280 bytes
MD5...: bc9046b00b7aa0e2d21e7ca96f4e635d
SHA1..: 1b5e7455289177e515b5aa6324a8de754a7629e1
SHA256: 79eac809839df8c984e9045204bebcc313995dbd062e705d98b465f64658e14d
ssdeep: 3072:e53qp6G8lSQ5B3h36PCZqGOlyXqpw8a7Fps1RK65eLoWzt0Gn/q6p6PU32A 5RSvV:j6GMB0uVKTPByiGn/d6P8zRSvD
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1abcb
timedatestamp.....: 0x4aa50b9f (Mon Sep 07 13:33:19 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x21640 0x22000 6.35 69c074fc999249e254c4d91d467e6021
.rdata 0x23000 0x9f10 0xa000 5.42 f6eb95c1d38a098c6c9edb10c484dcfd
.data 0x2d000 0x498e1c 0x3000 3.57 63fac173f0dde23631c6c8394900e434
.rsrc 0x4c6000 0xa60 0x1000 2.50 2fa13863cba46a0a206cb97dc45b8632
.reloc 0x4c7000 0x5450 0x6000 2.75 1f97d50df1ad28c2d2edf32e4673cc70

( 10 imports )
> WININET.dll: InternetCheckConnectionA
> urlmon.dll: CoInternetCompareUrl, UrlMkSetSessionOption
> KERNEL32.dll: GetThreadLocale, InitializeCriticalSection, DeleteCriticalSection, LeaveCriticalSection, InterlockedIncrement, EnterCriticalSection, InterlockedDecrement, MultiByteToWideChar, GetModuleFileNameA, GetLastError, WideCharToMultiByte, lstrlenW, SizeofResource, LoadResource, FindResourceA, LoadLibraryExA, lstrcmpiA, lstrcpynA, IsDBCSLeadByte, GetModuleHandleA, lstrcatA, lstrcmpiW, ExitProcess, lstrcatW, lstrcpyW, GetVolumeInformationA, CreateProcessA, CloseHandle, TerminateThread, WaitForSingleObject, CreateThread, SetFileTime, WriteFile, GetFileTime, CreateFileA, Process32Next, Module32First, FlushFileBuffers, SetStdHandle, VirtualQuery, GetLocaleInfoA, VirtualProtect, LCMapStringW, LCMapStringA, SetFilePointer, GetStringTypeW, GetStringTypeA, IsBadCodePtr, IsBadReadPtr, GetCPInfo, GetOEMCP, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, GetStdHandle, SetHandleCount, IsBadWritePtr, VirtualAlloc, VirtualFree, HeapCreate, HeapDestroy, SetUnhandledExceptionFilter, TlsAlloc, GetACP, GetVersionExA, InterlockedExchange, RaiseException, Sleep, LoadLibraryA, GetProcAddress, FreeLibrary, lstrlenA, lstrcpyA, DisableThreadLibraryCalls, HeapFree, TlsGetValue, SetLastError, TlsFree, HeapSize, GetCurrentProcess, TerminateProcess, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetCommandLineA, RtlUnwind, LocalFree, HeapReAlloc, HeapAlloc, GetSystemInfo, GetCurrentThreadId, TlsSetValue, GetSystemTimeAsFileTime
> USER32.dll: GetActiveWindow, OpenIcon, CloseWindow, GetKBCodePage, LoadStringA, GetMenuItemCount, EndDialog, CreateMenu, DestroyMenu, GetFocus, GetDoubleClickTime, FindWindowA, CreateDialogParamA, wsprintfA, UpdateWindow, IsDlgButtonChecked, GetParent, EnableWindow, GetMenu, GetInputState, IsWindowEnabled, KillTimer, GetCapture, GetKeyboardLayout, GetScrollPos, wsprintfW, GetKeyboardType, GetSubMenu, CallMsgFilterA, GetMenuCheckMarkDimensions, IsWindowVisible, CharNextA, SetCaretBlinkTime, FlashWindow, EnumWindows, SetTimer
> ADVAPI32.dll: RegCloseKey, RegSetValueExA, RegDeleteKeyA, RegOpenKeyA, RegQueryInfoKeyA, RegEnumKeyExA, RegCreateKeyExA, RegDeleteValueA, RegCreateKeyA, RegEnumKeyA, RegOpenKeyExA, RegQueryValueExA
> SHELL32.dll: SHGetSpecialFolderPathA, ShellExecuteA
> ole32.dll: CoTaskMemRealloc, StringFromCLSID, StringFromGUID2, CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> SHLWAPI.dll: PathFindExtensionA
> COMCTL32.dll: GetMUILanguage, InitCommonControlsEx

( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: DirectShow filter (52.6%)
Windows OCX File (32.2%)
Win32 Executable MS Visual C++ (generic) (9.8%)
Win32 Executable Generic (2.2%)
Win32 Dynamic Link Library (generic) (1.9%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: Copyright 2008
product......: XML parser library
description..: XML parser library
original name: xml2w32.dll
internal name: libxml2
file version.: 1.0.352.7
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
```

PS: What do you say about Internet Explorer starting its exes several times after booting?