Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: antivir meldet TR/Crypt.XPACK.Gen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 09.03.2011, 12:07   #1
jpr84
 
antivir meldet TR/Crypt.XPACK.Gen - Standard

antivir meldet TR/Crypt.XPACK.Gen



hallo, bei mir wird von avira antivir die malware TR/Crypt.XPACK.Gen gefunden. kann jemand mir vielleicht sagen, wo das problem liegt? vielen dank, wenn jemand die antwort postet!

mein hijackthis-logfile lautet:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:21, on 09.03.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files (x86)\3CX Assistant\tcx.assistant.client.exe
E:\Program Files (x86)\3CX Assistant\3CXPhone.exe
E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files (x86)\Priacta\Trog Bar\Trog Bar.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\Program Files (x86)\3CX Assistant\CRM\3CX Assistant CRM.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
E:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://d8n4mx4j/argoweb/aaf001web/argomain.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [3CXAssistant] ""e:\Program Files (x86)\3CX Assistant\\tcx.assistant.client.exe""
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Trog Bar] E:\Program Files (x86)\Priacta\Trog Bar\Trog Bar.exe /Startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - Startup: 3CXPhone.lnk = E:\Program Files (x86)\3CX Assistant\3CXPhone.exe
O4 - Global Startup: 3CX Assistant.lnk = E:\Program Files (x86)\3CX Assistant\tcx.assistant.client.exe
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: hxxp://*.d8n4mx4j
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = z-management.ch
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = z-management.ch
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = z-management.ch
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 3CX PhoneSystem Database Server - PostgreSQL Global Development Group - E:/Program Files (x86)/3CX PhoneSystem/Bin/pgsql/bin/pg_ctl.exe
O23 - Service: 3CX PhoneSystem Assistant Server (3CXAssistantServer) - 3CX Ltd - E:\Program Files (x86)\3CX PhoneSystem\Bin\Assistant\3CXAssistantServer.exe
O23 - Service: 3CX PhoneSystem Call History (3CXCallHistoryService) - 3CX - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXCallHistoryService.exe
O23 - Service: 3CX PhoneSystem Configuration Service (3CXCfgServ) - 3CX Ltd - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXSLDBServ.exe
O23 - Service: 3CX PhoneSystem Conference Room (3CXConferenceRoom) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXCP.exe
O23 - Service: 3CX PhoneSystem FAX Server (3CXFAXSrv) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXFaxServer.exe
O23 - Service: 3CX PhoneSystem Digital Receptionist (3CXIvr) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXIvrServer.exe
O23 - Service: 3CX PhoneSystem Media Server (3CXMediaServer) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXMediaServer.exe
O23 - Service: 3CX PhoneSystem Parking Orbit (3CXParkOrbit) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXPO.exe
O23 - Service: 3CX PhoneSystem (3CXPhoneSystem) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXPhoneSystem.exe
O23 - Service: 3CX PhoneSystem Queue Manager (3CXQueueManager) - Unknown owner - E:\Program Files (x86)\3CX PhoneSystem\Bin\VCEHost.exe
O23 - Service: 3CX PhoneSystem SIP/RTP Tunneling Proxy (3CXTunnel) - 3CX Software Ltd. - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXTunnel.exe
O23 - Service: 3CX PhoneSystem Voicemail Manager (3CXVBoxMgr) - 3CX - E:\Program Files (x86)\3CX PhoneSystem\Bin\3CXVoiceMailScanner.exe
O23 - Service: Abyss Web Server (AbyssWebServer) - Aprelium - E:\Program Files (x86)\3CX PhoneSystem\Bin\Webserver\abyssws.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11566 bytes

Alt 09.03.2011, 14:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
antivir meldet TR/Crypt.XPACK.Gen - Standard

antivir meldet TR/Crypt.XPACK.Gen



Bitte beachten => http://www.trojaner-board.de/95173-b...es-posten.html und http://www.trojaner-board.de/69886-a...-beachten.html
__________________

__________________

Antwort

Themen zu antivir meldet TR/Crypt.XPACK.Gen
adobe, antivir, antivir guard, antivir meldet, avg, avira, bho, desktop, explorer, firefox, hijack, hängen, internet, internet explorer, malware, mozilla, object, pdf, problem, proxy, safer networking, security, server, software, syswow64, tr/crypt.xpack.ge, tr/crypt.xpack.gen, windows, wmp



Ähnliche Themen: antivir meldet TR/Crypt.XPACK.Gen


  1. Antivir meldet TR/Crypt.XPACK.Gen2 in C:\WINDOWS\system32\dwwin.exe
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (8)
  2. AntiVir meldet Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 18.01.2011 (18)
  3. Avira AntiVir meldet Trojaner TR/Crypt.XPACK.Gen - was tun?
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (9)
  4. Antivir meldet: Trojanische Pferd TR/Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 07.12.2010 (10)
  5. Antivir meldet Fund: Trojanische Pferd TR/Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 04.12.2010 (8)
  6. Hilfe! ANTIVIR meldet TR/Crypt.XPACK.Gen
    Log-Analyse und Auswertung - 20.11.2009 (6)
  7. AV-Antivir meldet TR/Crypt.XPACK.Gen
    Log-Analyse und Auswertung - 02.06.2009 (5)
  8. Antivir meldet TR/crypt.xpack.gen auf einem DVD-File!!!
    Plagegeister aller Art und deren Bekämpfung - 25.05.2009 (35)
  9. Antivir meldet TR/crypt.xpack.gen auf einem DVD-File!!!
    Log-Analyse und Auswertung - 12.05.2009 (0)
  10. Antivir meldet Trojaner TR/Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 08.05.2009 (4)
  11. Antivir meldet TR/Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 25.02.2009 (8)
  12. Antivir meldet TR/Crypt.XPACK.Gen und oder Virtumonde
    Log-Analyse und Auswertung - 02.01.2009 (0)
  13. Antivir meldet Crypt.XPACK.Gen
    Mülltonne - 29.12.2008 (1)
  14. AntiVir meldet: TR/Crypt.XPACK.Gen
    Log-Analyse und Auswertung - 01.11.2008 (0)
  15. AntiVir meldet: TR/Crypt.XPACK.Gen
    Mülltonne - 29.10.2008 (0)
  16. Antivir meldet Trojaner TR/Crypt.XPACK.Gen
    Log-Analyse und Auswertung - 25.08.2008 (10)
  17. Antivir meldet DR/WinAD.BQ.7, TR/Crypt.XPACK.Gen und DR/Zlob.Gen
    Log-Analyse und Auswertung - 11.06.2008 (7)

Zum Thema antivir meldet TR/Crypt.XPACK.Gen - hallo, bei mir wird von avira antivir die malware TR/Crypt.XPACK.Gen gefunden. kann jemand mir vielleicht sagen, wo das problem liegt? vielen dank, wenn jemand die antwort postet! mein hijackthis-logfile lautet: - antivir meldet TR/Crypt.XPACK.Gen...
Archiv
Du betrachtest: antivir meldet TR/Crypt.XPACK.Gen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.