
Pests of all kinds and how to combat them: TR/Crypt.XPACK.Gen3

18.03.2011, 15:32   #16
Kay K.
 
Hmm, I didn't get a file... did I do something wrong? I ran the scan (not found).

18.03.2011, 15:41   #17
Kay K.
 
Norman TDSS Cleaner doesn't report anything either... nothing is listed in my scan areas...

Regards, Kay


18.03.2011, 19:28   #18
cosinus
If nothing was found, that's OK.

OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM - please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

18.03.2011, 22:48   #19
Kay K.
 
hey...
here is the report from GMER:
GMER Logfile:
Code:
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-03-18 22:49:58
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.BBFO
Running: bfmdswwk.exe; Driver: C:\Users\Kay\AppData\Local\Temp\kxrdqpow.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                                                                                                                                                                     section is writeable [0x8C807340, 0x3A08F7, 0xE8000020]
                C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl                                                                                                                                                                                                                       entry point in "" section [0xA6825000]
.clc            C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl                                                                                                                                                                                                                       unknown last section [0xA6826000, 0x1000, 0x00000000]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\system32\DRIVERS\tdx.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                                                                                                                                                        [88DD0FE6] \SystemRoot\system32\drivers\BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)
IAT             \SystemRoot\system32\DRIVERS\smb.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                                                                                                                                                        [88DD0FE6] \SystemRoot\system32\drivers\BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)
IAT             \SystemRoot\System32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                                                                                                                                                      [88DD0FE6] \SystemRoot\system32\drivers\BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                                                                                                                                                        [735E7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                                                                                                                                                         [7363A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                                                                                                                                                     [735EBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                                                                                                                                               [735DF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                                                                                                                                                         [735E75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                                                                                                                                                      [735DE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                                                                                                                                                          [73618395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                                                                                                                                                             [735EDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                                                                                                                                                     [735DFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                                                                                                                                                      [735DFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                                                                                                                                                       [735D71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                                                                                                                                               [7366CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                                                                                                                                                  [7360C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                                                                                                                                                     [735DD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                                                                                                                                               [735D6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                                                                                                                                              [735D687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                                                                                                                                                 [735E2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                                                                                                                                                                                  [10002300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread]                                                                                                                                                                      [10001B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                                                                                                                                                                                [10002690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2904] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                                                                                                                                                                                  [10001290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                                                                                                                                                      Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                                                                                                                                                      Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                                                                                                                                                                      tcpipBM.SYS (Bytemobile Kernel Network Provider/Bytemobile, Inc.)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001dd9f17e5a                                                                                                                                                                                                  
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001dd9f17e5a@0012ee8a2620                                                                                                                                                                                     0xF1 0xF0 0x3C 0xC8 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001dd9f17e5a@001e458daed0                                                                                                                                                                                     0x4B 0x48 0x8A 0xA1 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001dd9f17e5a@0024919c07c4                                                                                                                                                                                     0xAE 0xA5 0x7C 0x24 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001dd9f17e5a (not active ControlSet)                                                                                                                                                                              
Reg             HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001dd9f17e5a@0012ee8a2620                                                                                                                                                                                         0xF1 0xF0 0x3C 0xC8 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001dd9f17e5a@001e458daed0                                                                                                                                                                                         0x4B 0x48 0x8A 0xA1 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001dd9f17e5a@0024919c07c4                                                                                                                                                                                         0xAE 0xA5 0x7C 0x24 ...
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat                                                                                                                                                                                      0xEC 0x1E 0x5A 0x90 ...
Reg             HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@E:\Privat\Download\xb4s\Cyberlink.PowerDVD.v6.0.1102.Multilanguage.by.GEAR.for.www.g\Cyberlink.PowerDVD.v6.0.1102.Multilanguage.by.GEAR.for.www.goldesel.6x.to\Setup.exe  1

---- EOF - GMER 1.0.15 ----
         

18.03.2011, 22:59   #20
Kay K.
 
here is the OSAM log file:
OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:02:17 on 18.03.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.15

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskUserS-1-5-21-1283713252-3167488077-3547314567-1000Core.job" - "Google Inc." - C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-1283713252-3167488077-3547314567-1000UA.job" - "Google Inc." - C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"Bytemobile Boot Time Load Driver" (BMLoad) - "Bytemobile, Inc." - C:\Windows\System32\drivers\BMLoad.sys
"Bytemobile Kernel Network Provider" (tcpipBM) - "Bytemobile, Inc." - C:\Windows\system32\drivers\tcpipBM.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"int15" (int15) - "Acer, Inc." - C:\Acer\Empowering Technology\eRecovery\int15.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"kxrdqpow" (kxrdqpow) - ? - C:\Users\Kay\AppData\Local\Temp\kxrdqpow.sys  (Hidden registry entry, rootkit activity | File not found)
"PSDFilter" (PSDFilter) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\psdfilter.sys
"PSDNServ" (PSDNServ) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDNServ.sys
"PSDVdisk" (psdvdisk) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDVdisk.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"UIM Drive Backup Image Plugin" (Uim_IM) - ? - C:\Windows\System32\Drivers\Uim_IM.sys  (File not found)
"Universal Image Mounter Controller" (UimBus) - ? - C:\Windows\System32\DRIVERS\UimBus.sys  (File not found)
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\DRIVERS\NTIDrvr.sys
"{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}" ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl

[Explorer]
-----( HKCU\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Incorporated" - C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extensions" - ? - epm-po.dll  (File not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? -   (File not found | COM-object registry key not found)
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? -   (File not found | COM-object registry key not found)
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? -   (File not found | COM-object registry key not found)
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? -   (File not found | COM-object registry key not found)
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"ICQ7" - "ICQ, LLC." - C:\Program Files\ICQ7.0\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Acer eDataSecurity Management" - "Egis Incorporated." - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
<binary data> "Yahoo! Toolbar" - "Yahoo! Inc." - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} "{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{02478D38-C3F9-4efb-9B51-7695ECA05670} "&Yahoo! Toolbar Helper" - "Yahoo! Inc." - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Kay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Empowering Technology Launcher.lnk" - "Acer Inc." - C:\Acer\Empowering Technology\eAPLauncher.exe  (Shortcut exists | File exists)
"SETAUDIO.EXE" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETAUDIO.EXE
"SETRES.EXE" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETRES.EXE
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Google Update" - "Google Inc." - "C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"DivX Download Manager" - "DivX, LLC" - "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"eAudio" - "CyberLink" - "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
"eDataSecurity Loader" - "Egis Incorporated" - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"PlayMovie" - "CyberLink Corp." - "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"WarReg_PopUp" - "Acer Incorporated" - C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PCL hpz3l5mu" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l5mu.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"eDataSecurity Service" (eDataSecurity Service) - "Egis Incorporated" - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
"eLock Service" (eLockService) - "Acer Inc." - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
"eNet Service" (eNet Service) - "Acer Inc." - C:\Acer\Empowering Technology\eNet\eNet Service.exe
"ePower Service" (WMIService) - "acer" - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
"eRecovery Service" (eRecoveryService) - "Acer Inc." - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
"eSettings Service" (eSettingsService) - ? - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"MobilityService" (MobilityService) - ? - C:\Acer\Mobility Center\MobilityService.exe
"MSCSPTISRV" (MSCSPTISRV) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PACSPTISVR" (PACSPTISVR) - ? - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"Raw Socket Service" (RS_Service) - "Acer Inc." - C:\Program Files\Acer\Acer VCM\RS_Service.exe
"Sony SPTI Service" (SPTISRV) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
"Vodafone Mobile Connect Service" (VMCService) - "Vodafone" - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"BMI over [MSAFD-Tcpip [RAW/IP]]" - "Bytemobile, Inc." - C:\Windows\system32\bmnet.dll
"BMI over [MSAFD-Tcpip [TCP/IP]]" - "Bytemobile, Inc." - C:\Windows\system32\bmnet.dll
"BMI over [MSAFD-Tcpip [UDP/IP]]" - "Bytemobile, Inc." - C:\Windows\system32\bmnet.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru


Alt 18.03.2011, 23:02   #21
Kay K.
 



omg my head is spinning...

I hope I'm doing everything right....

Regards, Kay

Alt 18.03.2011, 23:09   #22
Kay K.
 



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Acer, Inc.
BIOS Manufacturer: Acer
System Manufacturer: Acer, inc.
System Product Name: Aspire 5920G
Logical Drives Mask: 0x0000002c

Kernel Drivers (total 170):
0x82650000 \SystemRoot\system32\ntkrnlpa.exe
0x8261D000 \SystemRoot\system32\hal.dll
0x80607000 \SystemRoot\system32\kdcom.dll
0x8060E000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8067E000 \SystemRoot\system32\PSHED.dll
0x8068F000 \SystemRoot\system32\BOOTVID.dll
0x80697000 \SystemRoot\system32\CLFS.SYS
0x806D8000 \SystemRoot\system32\CI.dll
0x8840A000 \SystemRoot\system32\drivers\Wdf01000.sys
0x88486000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x88493000 \SystemRoot\system32\drivers\acpi.sys
0x884D9000 \SystemRoot\system32\drivers\WMILIB.SYS
0x884E2000 \SystemRoot\system32\drivers\msisadrv.sys
0x884EA000 \SystemRoot\system32\drivers\pci.sys
0x88511000 \SystemRoot\System32\drivers\partmgr.sys
0x88520000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x88523000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8852D000 \SystemRoot\system32\drivers\volmgr.sys
0x8853C000 \SystemRoot\System32\drivers\volmgrx.sys
0x88586000 \SystemRoot\system32\drivers\intelide.sys
0x8858D000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x8859B000 \SystemRoot\System32\drivers\mountmgr.sys
0x8860D000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x886D5000 \SystemRoot\system32\drivers\atapi.sys
0x886DD000 \SystemRoot\system32\drivers\ataport.SYS
0x886FB000 \SystemRoot\system32\drivers\fltmgr.sys
0x8872D000 \SystemRoot\system32\drivers\fileinfo.sys
0x8873D000 \SystemRoot\system32\DRIVERS\psdfilter.sys
0x88746000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8880F000 \SystemRoot\system32\drivers\ndis.sys
0x8891A000 \SystemRoot\system32\drivers\msrpc.sys
0x88945000 \SystemRoot\system32\drivers\NETIO.SYS
0x88A02000 \SystemRoot\System32\drivers\tcpip.sys
0x88AEC000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x88C0E000 \SystemRoot\System32\Drivers\Ntfs.sys
0x88D1E000 \SystemRoot\system32\drivers\volsnap.sys
0x88D57000 \SystemRoot\System32\Drivers\spldr.sys
0x88D5F000 \SystemRoot\System32\Drivers\mup.sys
0x88D6E000 \SystemRoot\System32\drivers\ecache.sys
0x88D95000 \SystemRoot\system32\drivers\disk.sys
0x88DA6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x88DC7000 \SystemRoot\system32\drivers\crcdisk.sys
0x88DD0000 \SystemRoot\system32\drivers\BMLoad.sys
0x88DE3000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x88DEE000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x88BCF000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8C807000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8D000000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8D0A0000 \SystemRoot\System32\drivers\watchdog.sys
0x8D0AC000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8D0B7000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8D0F5000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8D104000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8D207000 \SystemRoot\system32\DRIVERS\NETw4v32.sys
0x8D465000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x8D475000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x8D483000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x8D49D000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x8D4AE000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x8D4C2000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x8D514000 \SystemRoot\system32\DRIVERS\winbondcir.sys
0x8D529000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8D53C000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x8D546000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8D551000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8D57F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8D581000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8D58C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8D5A4000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
0x8D5A6000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8D5AC000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8D5B0000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8D5B9000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8D191000 \SystemRoot\system32\DRIVERS\storport.sys
0x8D5E8000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8D1D2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8D5F3000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x88980000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8D1E9000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8CFE3000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x88BDE000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x889A3000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8D5FE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x889B3000 \SystemRoot\system32\DRIVERS\ks.sys
0x88C00000 \SystemRoot\system32\DRIVERS\circlass.sys
0x88BF3000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x889DD000 \SystemRoot\system32\DRIVERS\umbus.sys
0x887B7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x889EA000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8D803000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x885AB000 \SystemRoot\system32\drivers\portcls.sys
0x885D8000 \SystemRoot\system32\drivers\drmk.sys
0x807B8000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x8DA01000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x8DB04000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x8DBB9000 \SystemRoot\system32\drivers\modem.sys
0x8DBC6000 \SystemRoot\system32\DRIVERS\hidir.sys
0x8DBD1000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8DBE1000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8DBE8000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x8DBF1000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x8F40C000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
0x8F5B3000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x8F5C0000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
0x8F5C7000 \SystemRoot\system32\DRIVERS\AVerA310USB.sys
0x8F5CE000 \SystemRoot\system32\drivers\AVerA310Cap.sys
0x8F5D9000 \SystemRoot\system32\drivers\BdaSup.SYS
0x8F5DC000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8F5E5000 \SystemRoot\System32\Drivers\Null.SYS
0x8F5EC000 \SystemRoot\System32\Drivers\Beep.SYS
0x8F5F3000 \SystemRoot\System32\drivers\vga.sys
0x8D9DE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8F400000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8D1F8000 \SystemRoot\system32\drivers\rdpencdd.sys
0x88800000 \SystemRoot\System32\Drivers\Msfs.SYS
0x887EC000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8CFF7000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8F60E000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8F624000 \SystemRoot\System32\Drivers\tcpipBM.SYS
0x8F629000 \SystemRoot\system32\DRIVERS\smb.sys
0x8F63D000 \SystemRoot\system32\drivers\afd.sys
0x8F685000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8F6B7000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x8F6C0000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8F6D6000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8F6E4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8F6F7000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x8F6FD000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8F739000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8F743000 \SystemRoot\System32\Drivers\dfsc.sys
0x8F75A000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x8F780000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x8F782000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x8F78B000 \SystemRoot\System32\Drivers\crashdmp.sys
0x88B07000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x9B690000 \SystemRoot\System32\win32k.sys
0x8F798000 \SystemRoot\System32\drivers\Dxapi.sys
0x8F7A2000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9B8B0000 \SystemRoot\System32\TSDDD.dll
0x9B8D0000 \SystemRoot\System32\cdd.dll
0x8F7B1000 \SystemRoot\system32\drivers\luafv.sys
0x8F7CC000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x9F609000 \SystemRoot\system32\drivers\spsys.sys
0x9F6B9000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9F6C9000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9F6F3000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9F6FD000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9F710000 \SystemRoot\system32\drivers\HTTP.sys
0x9F77D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9F79A000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9F7B3000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9F7C8000 \SystemRoot\system32\drivers\mrxdav.sys
0x8F7E1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA0C07000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA0C40000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA0C58000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA0C80000 \SystemRoot\System32\DRIVERS\srv.sys
0xA0CE6000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xA0CFC000 \??\C:\Acer\Empowering Technology\eRecovery\int15.sys
0xA0D03000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xA0D07000 \SystemRoot\system32\drivers\peauth.sys
0xA0DE5000 \SystemRoot\system32\DRIVERS\PSDNServ.sys
0xA0DEE000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys
0xA0CCE000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA0CD8000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9F7E9000 \SystemRoot\system32\DRIVERS\xaudio.sys
0xA680A000 \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
0xA6827000 \SystemRoot\system32\drivers\MSPQM.sys
0xA6829000 \??\C:\Users\Kay\AppData\Local\Temp\kxrdqpow.sys
0x76FD0000 \Windows\System32\ntdll.dll

Processes (total 94):
0 System Idle Process
4 System
548 C:\Windows\System32\smss.exe
616 csrss.exe
668 C:\Windows\System32\wininit.exe
676 csrss.exe
712 C:\Windows\System32\services.exe
724 C:\Windows\System32\lsass.exe
732 C:\Windows\System32\lsm.exe
872 C:\Windows\System32\svchost.exe
956 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\svchost.exe
1076 C:\Windows\System32\svchost.exe
1104 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1196 C:\Windows\System32\audiodg.exe
1228 C:\Windows\System32\SLsvc.exe
1252 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\winlogon.exe
1416 C:\Windows\System32\svchost.exe
1636 C:\Windows\System32\spoolsv.exe
1660 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1672 C:\Windows\System32\svchost.exe
1872 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1892 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1912 C:\Program Files\Bonjour\mDNSResponder.exe
1932 C:\Windows\System32\svchost.exe
1956 C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
1964 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
2040 C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
2148 C:\Windows\System32\taskeng.exe
2184 C:\Acer\Empowering Technology\eNet\eNet Service.exe
2236 C:\Windows\System32\dwm.exe
2368 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2412 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2456 C:\Acer\Mobility Center\MobilityService.exe
2508 C:\Windows\System32\svchost.exe
2648 C:\Windows\System32\svchost.exe
2668 C:\Windows\System32\PnkBstrA.exe
2684 C:\Windows\System32\svchost.exe
2716 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2744 C:\Program Files\Acer\Acer VCM\RS_Service.exe
2764 C:\Windows\System32\svchost.exe
2816 C:\Windows\System32\svchost.exe
2904 C:\Windows\explorer.exe
2948 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2976 C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
3032 C:\Windows\System32\SearchIndexer.exe
3048 C:\Windows\System32\drivers\XAudio.exe
3056 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
3096 C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
3148 C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
3304 C:\Program Files\Synaptics\SynTP\SynTPStart.exe
3328 C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
3400 C:\Windows\System32\taskeng.exe
3524 WmiPrvSE.exe
3564 unsecapp.exe
3744 C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
3932 C:\Acer\Empowering Technology\eAudio\eAudio.exe
4008 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
4036 C:\Windows\RtHDVCpl.exe
2284 WmiPrvSE.exe
3320 C:\Windows\System32\rundll32.exe
588 C:\Users\Kay\AppData\Local\temp\RtkBtMnt.exe
492 C:\Windows\System32\rundll32.exe
432 C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
2520 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
592 C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
2288 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
4064 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2800 C:\Program Files\iTunes\iTunesHelper.exe
556 C:\Windows\ehome\ehtray.exe
3632 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
4048 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
4156 C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
4172 C:\Windows\ehome\ehmsas.exe
4184 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
4268 C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
4328 C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
4348 C:\Windows\ehome\ehsched.exe
4496 C:\Windows\System32\wbem\unsecapp.exe
4764 C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
5180 C:\Program Files\iPod\bin\iPodService.exe
5412 C:\Windows\ehome\ehrecvr.exe
4548 C:\Windows\System32\svchost.exe
4560 C:\Program Files\Windows Media Player\wmpnetwk.exe
5252 C:\Program Files\Mozilla Firefox\firefox.exe
3656 C:\Users\Kay\Desktop\osam.exe
5668 C:\Windows\System32\SearchProtocolHost.exe
2640 C:\Windows\System32\SearchFilterHost.exe
428 dllhost.exe
308 dllhost.exe
4980 C:\Users\Kay\Videos\MBRCheck.exe
4340 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`a9700000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000001e`f5b00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS542525K9SA00, Rev: BBFOC31P

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 31171527C24A94682C92F34EB1E387CDC8AD21FC


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Alt 19.03.2011, 13:24   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags

Alt 20.03.2011, 12:50   #24
Kay K.
 



hey...
here is the full scan report from Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6110

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

20.03.2011 12:38:44
mbam-log-2011-03-20 (12-38-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 333357
Laufzeit: 59 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Regards, Kay

Alt 20.03.2011, 21:13   #25
Kay K.
 



Hey Cosinus
And here is the log file from SUPERAntiSpyware:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 03/20/2011 at 05:39 PM

Application Version : 4.50.1002

Core Rules Database Version : 6635
Trace Rules Database Version: 4447

Scan type : Complete Scan
Total Scan Time : 04:49:29

Memory items scanned : 823
Memory threats detected : 0
Registry items scanned : 11130
Registry threats detected : 0
File items scanned : 281869
File threats detected : 15

Trojan.Agent/Gen-FakeAV
C:\PROGRAM FILES\WINRAR\DEFAULT.SFX

Adware.Tracking Cookie
s0.2mdn.net [ C:\Users\Kay\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GJB8GV74 ]

Trojan.Agent/Gen-Krpytik
E:\BUNDESWEHR\ARABISCH\ARABICALPHABET\ARALP11.EXE
E:\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\ETIKETT!.EXE
E:\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\FDRUCKER!.EXE
E:\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\FORMULAR!.EXE
E:\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\KALENDER!.EXE
E:\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\POSTER!.EXE
E:\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\VISITEN!.EXE
E:\BUNDESWEHR\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\ETIKETT!.EXE
E:\BUNDESWEHR\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\FDRUCKER!.EXE
E:\BUNDESWEHR\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\FORMULAR!.EXE
E:\BUNDESWEHR\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\KALENDER!.EXE
E:\BUNDESWEHR\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\POSTER!.EXE
E:\BUNDESWEHR\BUNDESWEHR\BUND 1\ANWENDUNGEN\DRUCKER-PROGRAMME\VISITEN!.EXE

Regards, Kay

Alt 21.03.2011, 10:14   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



The detections in E:\Bundeswehr look like false positives. Can you assess that? Is the folder intentional and/or important?

Alt 21.03.2011, 14:26   #27
Kay K.
 



Hey Arne...
E:\ is my external hard drive...
the data isn't important... Question: can I delete the folder?
I can't judge whether it is a false positive.

PS:
what about SUPERAntiSpyware... can I delete the program again?

Regards, Kay

Alt 21.03.2011, 15:56   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



You must surely know what the Bundeswehr folder is...

Alt 21.03.2011, 19:15   #29
Kay K.
 



those are old folders... I don't need them anymore....

Regards, Kay

Alt 21.03.2011, 19:19   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then delete it...
Is the computer OK now, or are there still problems open?
