|
Log-Analyse und Auswertung: wie werde ich TR/Crypt.XPACK.Gen wieder los?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
26.10.2011, 09:29 | #1 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? Hallo, ich bin neu hier und mein Avira sagt beim Suchlauf, dass er oben genannten Trojaner gefunden hat! meine Frage ist jetzt: Wie werde ich diesen wieder los? Danke schonmal! Isbjörn |
26.10.2011, 13:15 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | wie werde ich TR/Crypt.XPACK.Gen wieder los? Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner.
__________________
__________________ |
26.10.2011, 17:19 | #3 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? Also das hier hat mir Avira gesagt!
__________________[IMG]C:\Users\Isabel Peters\Documents\Desktop\unbenannt.jpg[/IMG] |
26.10.2011, 17:20 | #4 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? sorry, das war falsch! |
26.10.2011, 17:21 | #5 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? Also hier nochmal! Avira AntiVir Personal Report file date: Mittwoch, 26. Oktober 2011 15:28 Scanning for 3436397 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available: Licensee : Avira AntiVir Personal - Free Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows Vista Windows version : (Service Pack 2) [6.0.6002] Boot mode : Normally booted Username : SYSTEM Computer name : ISABELPETERS-PC Version information: BUILD.DAT : 10.2.0.704 35934 Bytes 28.09.2011 13:34:00 AVSCAN.EXE : 10.3.0.7 484008 Bytes 12.08.2011 06:53:46 AVSCAN.DLL : 10.0.5.0 47464 Bytes 12.08.2011 06:53:46 LUKE.DLL : 10.3.0.5 45416 Bytes 12.08.2011 06:53:48 LUKERES.DLL : 10.0.0.1 12648 Bytes 10.02.2010 22:40:49 AVSCPLR.DLL : 10.3.0.7 119656 Bytes 12.08.2011 06:53:49 AVREG.DLL : 10.3.0.9 88833 Bytes 12.08.2011 06:53:49 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 08:05:36 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 05:53:55 VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 05:53:56 VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 09:30:38 VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.05.2011 09:30:40 VBASE005.VDF : 7.11.10.251 1788416 Bytes 07.07.2011 09:30:41 VBASE006.VDF : 7.11.13.60 6411776 Bytes 16.08.2011 16:51:56 VBASE007.VDF : 7.11.15.106 2389504 Bytes 05.10.2011 06:35:48 VBASE008.VDF : 7.11.15.107 2048 Bytes 05.10.2011 06:35:58 VBASE009.VDF : 7.11.15.108 2048 Bytes 05.10.2011 06:35:58 VBASE010.VDF : 7.11.15.109 2048 Bytes 05.10.2011 06:35:58 VBASE011.VDF : 7.11.15.110 2048 Bytes 05.10.2011 06:35:59 VBASE012.VDF : 7.11.15.111 2048 Bytes 05.10.2011 06:35:59 VBASE013.VDF : 7.11.15.144 161792 Bytes 07.10.2011 12:19:10 VBASE014.VDF : 7.11.15.177 130048 Bytes 10.10.2011 10:19:45 VBASE015.VDF : 7.11.15.213 113664 Bytes 11.10.2011 10:19:45 VBASE016.VDF : 7.11.16.1 163328 Bytes 14.10.2011 10:19:46 VBASE017.VDF : 7.11.16.34 187904 Bytes 18.10.2011 07:43:17 VBASE018.VDF : 7.11.16.77 139264 Bytes 20.10.2011 21:27:09 VBASE019.VDF : 7.11.16.112 162816 Bytes 24.10.2011 21:27:10 VBASE020.VDF : 7.11.16.113 2048 Bytes 24.10.2011 21:27:10 VBASE021.VDF : 7.11.16.114 2048 Bytes 24.10.2011 21:27:10 VBASE022.VDF : 7.11.16.115 2048 Bytes 24.10.2011 21:27:10 VBASE023.VDF : 7.11.16.116 2048 Bytes 24.10.2011 21:27:10 VBASE024.VDF : 7.11.16.117 2048 Bytes 24.10.2011 21:27:10 VBASE025.VDF : 7.11.16.118 2048 Bytes 24.10.2011 21:27:10 VBASE026.VDF : 7.11.16.119 2048 Bytes 24.10.2011 21:27:10 VBASE027.VDF : 7.11.16.120 2048 Bytes 24.10.2011 21:27:10 VBASE028.VDF : 7.11.16.121 2048 Bytes 24.10.2011 21:27:10 VBASE029.VDF : 7.11.16.122 2048 Bytes 24.10.2011 21:27:10 VBASE030.VDF : 7.11.16.123 2048 Bytes 24.10.2011 21:27:10 VBASE031.VDF : 7.11.16.143 134144 Bytes 25.10.2011 21:27:10 Engineversion : 8.2.6.96 AEVDF.DLL : 8.1.2.2 106868 Bytes 25.10.2011 21:27:15 AESCRIPT.DLL : 8.1.3.82 463227 Bytes 25.10.2011 21:27:15 AESCN.DLL : 8.1.7.2 127349 Bytes 21.04.2011 05:53:27 AESBX.DLL : 8.2.1.34 323957 Bytes 20.07.2011 09:29:54 AERDL.DLL : 8.1.9.15 639348 Bytes 11.09.2011 10:31:56 AEPACK.DLL : 8.2.13.3 684407 Bytes 25.10.2011 21:27:15 AEOFFICE.DLL : 8.1.2.18 201084 Bytes 25.10.2011 21:27:14 AEHEUR.DLL : 8.1.2.184 3780984 Bytes 25.10.2011 21:27:14 AEHELP.DLL : 8.1.18.0 254327 Bytes 25.10.2011 21:27:11 AEGEN.DLL : 8.1.5.11 401781 Bytes 25.10.2011 21:27:11 AEEMU.DLL : 8.1.3.0 393589 Bytes 21.04.2011 05:53:14 AECORE.DLL : 8.1.24.0 196983 Bytes 25.10.2011 21:27:11 AEBB.DLL : 8.1.1.0 53618 Bytes 21.04.2011 05:53:14 AVWINLL.DLL : 10.0.0.0 19304 Bytes 21.04.2011 05:53:36 AVPREF.DLL : 10.0.3.2 44904 Bytes 12.08.2011 06:53:46 AVREP.DLL : 10.0.0.10 174120 Bytes 12.08.2011 06:53:49 AVARKT.DLL : 10.0.26.1 255336 Bytes 12.08.2011 06:53:46 AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 12.08.2011 06:53:46 SQLITE3.DLL : 3.6.19.0 355688 Bytes 20.07.2011 14:40:24 AVSMTP.DLL : 10.0.0.17 63848 Bytes 21.04.2011 05:53:36 NETNT.DLL : 10.0.0.0 11624 Bytes 21.04.2011 05:53:46 RCIMAGE.DLL : 10.0.0.35 2589544 Bytes 12.08.2011 06:53:45 RCTEXT.DLL : 10.0.64.0 97640 Bytes 12.08.2011 06:53:45 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp Logging.............................: Default Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, J:, Process scan........................: on Extended process scan...............: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: Advanced Start of the scan: Mittwoch, 26. Oktober 2011 15:28 Starting search for hidden objects. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\threadingmodel HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32\cd042efbbd7f7af1647644e76e06692b [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32\bca643cdc5c2726b20d2ecedcc62c59b [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32\2c81e34222e8052573023a60d06dd016 [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32\2582ae41fb52324423be06337561aa48 [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32\caaeda5fd7a9ed7697d9686d4b818472 [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32\a4a1bcf2cc2b8bc3716b74b2b4522f5d [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32\4d370831d2c43cd13623e232fed27b7b [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32\1d68fe701cdea33e477eb204b76f993d [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32\1fac81b91d8e3c5aa4b0a51804d844a3 [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32\f5f62a6129303efb32fbe080bb27835b [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32\fd4e2e1a3940b94dceb5a6a021f2e3c6 [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32\8a8aec57dd6508a385616fbc86791ec2 [NOTE] The registry entry is invisible. The scan of running processes will be started Scan process 'svchost.exe' - '30' Module(s) have been scanned Scan process 'vssvc.exe' - '49' Module(s) have been scanned Scan process 'avscan.exe' - '80' Module(s) have been scanned Scan process 'avscan.exe' - '28' Module(s) have been scanned Scan process 'avcenter.exe' - '92' Module(s) have been scanned Scan process 'brpjp04a.exe' - '40' Module(s) have been scanned Scan process 'brstswnd.exe' - '42' Module(s) have been scanned Scan process 'plugin-container.exe' - '121' Module(s) have been scanned Scan process 'plugin-container.exe' - '83' Module(s) have been scanned Scan process 'firefox.exe' - '145' Module(s) have been scanned Scan process 'wmpnetwk.exe' - '87' Module(s) have been scanned Scan process 'svchost.exe' - '21' Module(s) have been scanned Scan process 'wmiprvse.exe' - '34' Module(s) have been scanned Scan process 'taskeng.exe' - '49' Module(s) have been scanned Scan process 'WLIDSvcM.exe' - '16' Module(s) have been scanned Scan process 'xaudio.exe' - '14' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '61' Module(s) have been scanned Scan process 'WLIDSVC.EXE' - '56' Module(s) have been scanned Scan process 'svchost.exe' - '7' Module(s) have been scanned Scan process 'svchost.exe' - '45' Module(s) have been scanned Scan process 'RichVideo.exe' - '22' Module(s) have been scanned Scan process 'RegSrvc.exe' - '23' Module(s) have been scanned Scan process 'svchost.exe' - '42' Module(s) have been scanned Scan process 'svchost.exe' - '22' Module(s) have been scanned Scan process 'svchost.exe' - '22' Module(s) have been scanned Scan process 'PIFSvc.exe' - '42' Module(s) have been scanned Scan process 'LSSrvc.exe' - '20' Module(s) have been scanned Scan process 'svchost.exe' - '35' Module(s) have been scanned Scan process 'EvtEng.exe' - '84' Module(s) have been scanned Scan process 'ehmsas.exe' - '42' Module(s) have been scanned Scan process 'igfxsrvc.exe' - '48' Module(s) have been scanned Scan process 'igfxext.exe' - '42' Module(s) have been scanned Scan process 'RtkBtMnt.exe' - '29' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '81' Module(s) have been scanned Scan process 'ehtray.exe' - '45' Module(s) have been scanned Scan process 'avgnt.exe' - '68' Module(s) have been scanned Scan process 'jusched.exe' - '22' Module(s) have been scanned Scan process 'LxUpdateManager.exe' - '64' Module(s) have been scanned Scan process 'Monitor.exe' - '39' Module(s) have been scanned Scan process 'LManager.exe' - '70' Module(s) have been scanned Scan process 'eDSMSNfix.exe' - '18' Module(s) have been scanned Scan process 'eDSloader.exe' - '49' Module(s) have been scanned Scan process 'SynTPEnh.exe' - '43' Module(s) have been scanned Scan process 'RtHDVCpl.exe' - '63' Module(s) have been scanned Scan process 'MSASCui.exe' - '54' Module(s) have been scanned Scan process 'Explorer.EXE' - '180' Module(s) have been scanned Scan process 'taskeng.exe' - '96' Module(s) have been scanned Scan process 'Dwm.exe' - '53' Module(s) have been scanned Scan process 'avshadow.exe' - '36' Module(s) have been scanned Scan process 'eDSService.exe' - '31' Module(s) have been scanned Scan process 'ALUSchedulerSvc.exe' - '33' Module(s) have been scanned Scan process 'avguard.exe' - '64' Module(s) have been scanned Scan process 'WLANExt.exe' - '87' Module(s) have been scanned Scan process 'svchost.exe' - '59' Module(s) have been scanned Scan process 'sched.exe' - '56' Module(s) have been scanned Scan process 'spoolsv.exe' - '101' Module(s) have been scanned Scan process 'vpnagent.exe' - '60' Module(s) have been scanned Scan process 'svchost.exe' - '96' Module(s) have been scanned Scan process 'svchost.exe' - '86' Module(s) have been scanned Scan process 'SLsvc.exe' - '23' Module(s) have been scanned Scan process 'svchost.exe' - '37' Module(s) have been scanned Scan process 'svchost.exe' - '153' Module(s) have been scanned Scan process 'svchost.exe' - '115' Module(s) have been scanned Scan process 'svchost.exe' - '67' Module(s) have been scanned Scan process 'svchost.exe' - '50' Module(s) have been scanned Scan process 'svchost.exe' - '39' Module(s) have been scanned Scan process 'svchost.exe' - '43' Module(s) have been scanned Scan process 'winlogon.exe' - '30' Module(s) have been scanned Scan process 'lsm.exe' - '22' Module(s) have been scanned Scan process 'lsass.exe' - '60' Module(s) have been scanned Scan process 'services.exe' - '35' Module(s) have been scanned Scan process 'csrss.exe' - '14' Module(s) have been scanned Scan process 'wininit.exe' - '26' Module(s) have been scanned Scan process 'csrss.exe' - '14' Module(s) have been scanned Scan process 'smss.exe' - '2' Module(s) have been scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Master boot sector HD1 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Boot sector 'J:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '1477' files ). Starting the file scan: Begin scan in 'C:\' <ACER> C:\Windows\Temp\_avast_\unp258666037.tmp [DETECTION] Is the TR/Unpacked.Gen Trojan C:\Windows\Temp\_avast_\unp78781972.tmp [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan Begin scan in 'D:\' <DATA> Begin scan in 'J:\' <ISA'S> Beginning disinfection: C:\Windows\Temp\_avast_\unp78781972.tmp [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [WARNING] The file was ignored! C:\Windows\Temp\_avast_\unp258666037.tmp [DETECTION] Is the TR/Unpacked.Gen Trojan [WARNING] The file was ignored! End of the scan: Mittwoch, 26. Oktober 2011 18:20 Used time: 2:18:06 Hour(s) The scan has been done completely. 34366 Scanned directories 738772 Files were scanned 2 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 738770 Files not concerned 7637 Archives were scanned 2 Warnings 13 Notes 933588 Objects were scanned with rootkit scan 24 Hidden objects were found |
26.10.2011, 19:41 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | wie werde ich TR/Crypt.XPACK.Gen wieder los?Zitat:
Wenn man zwei Virenscanner oder das Spezialtool von Avast verwendet ist das doch kein Wunder dass der eine Virenscanner angebliche Schädlinge in Bestandteilen des anderen sieht!
__________________ --> wie werde ich TR/Crypt.XPACK.Gen wieder los? |
27.10.2011, 09:35 | #7 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? Ich habe versucht avast zu deinstallieren! Aber bekomme das nicht hin! Wie werde ich das wieder los? |
27.10.2011, 09:37 | #8 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? Habe versucht es zu deinstallieren, bekomme das aber nicht hin! kann mir jemand sagen, wie ich das wieder los werde? |
27.10.2011, 11:34 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | wie werde ich TR/Crypt.XPACK.Gen wieder los? Eine Google-Suche nach "avast deinstallieren" ist zuviel verlangt? avast! Uninstall Utility-aswClear-avast Antivirus Software
__________________ Logfiles bitte immer in CODE-Tags posten |
27.10.2011, 15:41 | #10 |
| wie werde ich TR/Crypt.XPACK.Gen wieder los? Ich habe versucht es damit zu deinstallieren, aber es funktioniert nicht! Er sagt mir immer, dass es nicht entfernt werden konnte! |
27.10.2011, 18:41 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | wie werde ich TR/Crypt.XPACK.Gen wieder los? Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu wie werde ich TR/Crypt.XPACK.Gen wieder los? |
avira, frage, gefunde, neu, rojaner gefunden, schonmal, tr/crypt.xpack.ge, tr/crypt.xpack.gen, troja, trojaner, trojaner gefunden |