Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 06.06.2012, 22:14   #1
Rumsdibums
 
TR/Crypt.EPACK.Gen2' [trojan]  OTLlogfile bereits erstellt - Wie geht es weiter? - Standard

TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter?



Liebe Gemeinde.

Avira Antivir hat mir den oben genannten Trojaner gemeldet. Nach der Recherche hier im Forum habe ich einen Scan über OTL durchgeführt. Folgendes Ergebnis/ Logfile wird angezeigt:


OTL logfile created on: 06.06.2012 21:35:12 - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\P. Peukert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,75 Gb Total Physical Memory | 0,56 Gb Available Physical Memory | 32,00% Memory free
3,50 Gb Paging File | 1,86 Gb Available in Paging File | 53,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220,09 Gb Total Space | 178,38 Gb Free Space | 81,05% Space Free | Partition Type: NTFS

Computer Name: PPEUKERT-PC | User Name: P. Peukert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\P. Peukert\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)


========== Modules (No Company Name) ==========

MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll ()
MOD - C:\Users\P2256~1.PEU\AppData\Local\Google\Chrome\APPLIC~1\190108~1.52\gcswf32.dll ()
MOD - C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll ()
MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (lxee_device) -- C:\Windows\SysNative\lxeecoms.exe ( )
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Users\P2256~1.PEU\AppData\Local\Temp\7zS7942\hpslpsvc64.dll (Hewlett-Packard Co.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation)
DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{103A756A-C4B4-40A2-B2D1-B353EB2D58C8}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\P. Peukert\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\P. Peukert\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.05 18:16:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.03 14:23:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.30 14:03:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.05 18:16:32 | 000,000,000 | ---D | M]

[2011.08.30 14:04:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\P. Peukert\AppData\Roaming\mozilla\Extensions
[2012.05.18 12:14:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\P. Peukert\AppData\Roaming\mozilla\Firefox\Profiles\e8jnnom1.default\extensions
[2012.02.26 18:13:21 | 000,000,000 | ---D | M] () -- C:\Users\P. Peukert\AppData\Roaming\mozilla\Firefox\Profiles\e8jnnom1.default\extensions\ffxtlbra@softonic.com
[2012.05.18 12:14:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\P. Peukert\AppData\Roaming\mozilla\Firefox\Profiles\e8jnnom1.default\extensions\staged
[2012.02.21 13:15:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.03 14:23:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.03 14:23:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.03 14:23:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.03 14:23:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.03 14:23:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.03 14:23:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.03 14:23:33 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\P. Peukert\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\P. Peukert\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\P. Peukert\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\P. Peukert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\P. Peukert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Grass = C:\Users\P. Peukert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla\1.0_0\
CHR - Extension: Google Mail = C:\Users\P. Peukert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB264218-B221-4570-B08A-6CADDF98314B}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1FE6B36-67F4-448D-B2A5-5A9ACED97214}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3913a17f-f8e2-11e0-a9e7-18f46a22bb3c}\Shell - "" = AutoRun
O33 - MountPoints2\{3913a17f-f8e2-11e0-a9e7-18f46a22bb3c}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3913a18c-f8e2-11e0-a9e7-18f46a22bb3c}\Shell - "" = AutoRun
O33 - MountPoints2\{3913a18c-f8e2-11e0-a9e7-18f46a22bb3c}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.06 21:18:06 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.06.06 21:18:06 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.06.06 21:17:57 | 000,035,680 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.06.06 21:17:57 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.06.06 21:15:13 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.06.06 21:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.06.06 21:14:04 | 000,000,000 | ---D | C] -- C:\Users\P. Peukert\AppData\Roaming\TuneUp Software
[2012.06.06 21:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.06.06 21:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.06.06 21:11:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.06.06 21:11:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.06.05 23:41:49 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.06.05 23:39:15 | 000,000,000 | ---D | C] -- C:\Users\P. Peukert\AppData\Local\Zattoo
[2012.06.05 23:38:43 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.05 23:37:32 | 000,000,000 | ---D | C] -- C:\Users\P. Peukert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo4
[2012.06.05 23:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4
[2012.06.05 23:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zattoo4
[2012.05.11 14:30:15 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.05.11 14:30:07 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.05.11 14:30:04 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.05.11 14:30:03 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.06 21:41:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.06 21:14:36 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.06.06 21:14:36 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.06.06 20:48:00 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987633782-1655369949-2782736201-1001UA.job
[2012.06.06 20:48:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987633782-1655369949-2782736201-1001Core.job
[2012.06.06 20:37:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.06 19:33:13 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.06 19:33:13 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.06 19:23:54 | 1407,848,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.05 23:42:15 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.05 23:42:15 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.05 23:41:49 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.06.05 23:40:52 | 000,017,408 | ---- | M] () -- C:\Users\P. Peukert\AppData\Local\WebpageIcons.db
[2012.06.05 23:37:33 | 000,001,832 | ---- | M] () -- C:\Users\P. Peukert\Desktop\Zattoo.lnk
[2012.06.03 20:39:02 | 001,103,062 | ---- | M] () -- C:\Users\P. Peukert\Desktop\400552810_20120601.pdf
[2012.05.29 15:47:00 | 000,044,946 | ---- | M] () -- C:\Users\P. Peukert\Desktop\20120529154237694843_INFORMATION.pdf
[2012.05.29 15:44:07 | 000,622,706 | ---- | M] () -- C:\Users\P. Peukert\Desktop\20120529154237694843_CONTRACT_POST_IDENT.pdf
[2012.05.29 13:09:54 | 000,034,656 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.05.29 13:09:50 | 000,025,952 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.05.29 13:09:50 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.05.23 20:45:56 | 000,275,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.23 00:38:08 | 001,521,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.23 00:38:08 | 000,654,638 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.23 00:38:08 | 000,616,480 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.23 00:38:08 | 000,130,220 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.23 00:38:08 | 000,106,602 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.13 20:59:30 | 000,056,606 | ---- | M] () -- C:\Users\P. Peukert\Desktop\image_sb_19.jpg
[2012.05.13 20:47:09 | 008,796,896 | ---- | M] () -- C:\Users\P. Peukert\Desktop\FFM.zip
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.06 21:14:36 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.06.06 21:14:36 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.06.06 21:14:35 | 000,002,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.06.05 23:39:15 | 000,017,408 | ---- | C] () -- C:\Users\P. Peukert\AppData\Local\WebpageIcons.db
[2012.06.05 23:38:46 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.05 23:37:33 | 000,001,832 | ---- | C] () -- C:\Users\P. Peukert\Desktop\Zattoo.lnk
[2012.06.03 20:39:00 | 001,103,062 | ---- | C] () -- C:\Users\P. Peukert\Desktop\400552810_20120601.pdf
[2012.05.29 15:47:00 | 000,044,946 | ---- | C] () -- C:\Users\P. Peukert\Desktop\20120529154237694843_INFORMATION.pdf
[2012.05.29 15:43:59 | 000,622,706 | ---- | C] () -- C:\Users\P. Peukert\Desktop\20120529154237694843_CONTRACT_POST_IDENT.pdf
[2012.05.13 20:59:27 | 000,056,606 | ---- | C] () -- C:\Users\P. Peukert\Desktop\image_sb_19.jpg
[2012.05.13 20:44:39 | 008,796,896 | ---- | C] () -- C:\Users\P. Peukert\Desktop\FFM.zip
[2012.01.19 14:59:01 | 000,001,061 | ---- | C] () -- C:\Windows\wininit.ini
[2011.09.05 18:11:04 | 000,186,389 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011.09.05 18:11:04 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011.08.30 14:51:44 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.26 20:58:14 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
[2010.11.26 20:55:28 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.26 20:54:34 | 000,001,601 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2010.11.26 12:29:09 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.11.26 12:29:09 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
[2010.11.26 12:29:08 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010.11.26 12:20:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.21 20:54:08 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.09.21 20:45:20 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.09.21 20:45:20 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010.09.21 20:45:20 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini

========== LOP Check ==========

[2012.02.06 23:54:07 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\gtk-2.0
[2011.08.30 14:30:19 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\Simfy
[2012.05.31 00:06:43 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\SoftGrid Client
[2011.08.30 14:04:14 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\Thunderbird
[2011.08.30 14:53:17 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\TP
[2012.06.06 21:14:04 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\TuneUp Software
[2011.10.06 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\P. Peukert\AppData\Roaming\Unity
[2009.07.14 07:08:49 | 000,029,358 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:4D066AD2

< End of report >


Ich bin leider totaler Dummy und kann mir nicht weiter helfen.
Über Anweisungen und Hilfe im Allgemeinen freue ich mich.

Guten Abend

Alt 08.06.2012, 14:42   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.EPACK.Gen2' [trojan]  OTLlogfile bereits erstellt - Wie geht es weiter? - Standard

TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter?



Zitat:
Avira Antivir hat mir den oben genannten Trojaner gemeldet
Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Antwort

Themen zu TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter?
adobe, adobe flash player, alternate, antivir, autorun, desktop, explorer, firefox, flash player, format, google, home, hängen, launch, locker, logfile, microsoft, mywinlocker, plug-in, pmmupdate.exe, programme, realtek, registry, scan, searchscopes, security, security scan, software, temp, tr/crypt.epack.gen2' [trojan], trojan, trojaner, version=1.0, windows




Ähnliche Themen: TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter?


  1. TR/Crypt.EPACK.Gen2 und EXP/JAVA.Ternewb.Gen
    Log-Analyse und Auswertung - 18.03.2014 (26)
  2. TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 03.01.2013 (5)
  3. TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 19.12.2012 (9)
  4. TR/Crypt.EPACK.Gen2 auf dem pc
    Plagegeister aller Art und deren Bekämpfung - 19.12.2012 (7)
  5. Virenmeldungen TR/Crypt.Epack.Gen2
    Log-Analyse und Auswertung - 18.12.2012 (2)
  6. TR/Crypt.EPACK.Gen2 - Fehlalarm?
    Plagegeister aller Art und deren Bekämpfung - 13.12.2012 (6)
  7. TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 13.12.2012 (6)
  8. TR/Crypt.EPACK.Gen2
    Log-Analyse und Auswertung - 06.11.2012 (18)
  9. TR/Crypt.EPACK.Gen2 - Trojaner
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (2)
  10. TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 22.09.2012 (5)
  11. TR/Crypt.EPACK.Gen2 Trojaner entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.08.2012 (6)
  12. TR/Crypt.XPACK.Gen8 - TR/Crypt.EPACK.Gen2 - TR/ATRAPS.Gen
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (18)
  13. TR/Crypt.EPACK.Gen2 gefunden!
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (13)
  14. TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (17)
  15. Wie werde ich TR/Crypt.EPACK.Gen2 los?
    Plagegeister aller Art und deren Bekämpfung - 01.09.2011 (1)
  16. Trojaner TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 24.06.2011 (34)
  17. TR/Crypt.EPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 12.01.2011 (10)

Zum Thema TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter? - Liebe Gemeinde. Avira Antivir hat mir den oben genannten Trojaner gemeldet. Nach der Recherche hier im Forum habe ich einen Scan über OTL durchgeführt. Folgendes Ergebnis/ Logfile wird angezeigt: OTL - TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter?...
Archiv
Du betrachtest: TR/Crypt.EPACK.Gen2' [trojan] OTLlogfile bereits erstellt - Wie geht es weiter? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.