Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen?

schrauber · 08.06.2013, 09:15

Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

E:\1b371942ca3c183f7b0cd2ac
2013-05-31 09:37 - 2013-06-04 21:39 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Delta
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\BabSolution
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\ProgramData\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Program Files\Delta
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\ProgramData\Ask
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Delta
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\BabSolution
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\ProgramData\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Program Files\Delta
C:\Users\Public\Firefox Setup 2.0.0.12.exe
C:\Users\Public\IPODACCESS_SETUP.EXE
C:\ProgramData\firstlsp.reg.dat

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Ändria · 08.06.2013, 18:26

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-06-2013 02
Ran by andrea (administrator) on 08-06-2013 19:13:13
Running from C:\Users\andrea\Desktop
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0\bin\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Somoto) C:\Program Files\FilesFrog Update Checker\update_checker.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Silicon Motion) C:\Program Files\Silicon Motion\USB2.0 UVC WebCam\STIMON.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Dropbox, Inc.) C:\Users\andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [509496 2007-05-23] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] NDSTray.exe [x]
HKLM\...\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512 2007-06-08] (Synaptics, Inc.)
HKLM\...\Run: [Skytel] Skytel.exe [x]
HKLM\...\Run: [UnlockerAssistant] "C:\Users\andrea\Desktop\Unlocker\UnlockerAssistant.exe" [x]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [77824 2007-04-16] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto  [201808 2013-01-31] (Somoto)
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STIMON.lnk
ShortcutTarget: STIMON.lnk -> C:\Program Files\Silicon Motion\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion)
Startup: C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default
FF SearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR Extension: (Iminent) - C:\Users\andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.21.4.1

========================== Services (Whitelisted) =================

R2 AntiVirScheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [68865 2008-10-24] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [151297 2008-10-24] (Avira GmbH)
R2 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c9e6e4bfd02130; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-06-06] (Google Inc.)
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll [537992 2008-04-10] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [306432 2008-01-15] (TuneUp Software GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 AntiVirMailService; C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe [x]
S2 AVEService; C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe [x]
S2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [x]

==================== Drivers (Whitelisted) ====================

R1 avgio; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [11608 2009-05-27] (Avira GmbH)
R3 avgntflt; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [52056 2009-05-27] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [75096 2009-05-27] (Avira GmbH)
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-01-15] (DT Soft Ltd.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-04-18] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-01-15] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [21248 2008-04-17] (AVIRA GmbH)
S1 avgntdd; SYSTEM32\DRIVERS\avgntdd.sys [x]
S0 avgntmgr; SYSTEM32\drivers\avgntmgr.sys [x]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\Users\andrea\AppData\Local\Temp\catchme.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-08 19:11 - 2013-06-08 19:11 - 00001186 ____A C:\Users\andrea\Desktop\Fixlist.txt
2013-06-08 08:47 - 2013-06-08 08:48 - 00019483 ____A C:\Users\andrea\Desktop\Addition.txt
2013-06-08 08:45 - 2013-06-08 08:45 - 01358671 ____A (Farbar) C:\Users\andrea\Desktop\FRST.exe
2013-06-08 08:45 - 2013-06-08 08:45 - 00000000 ____D C:\FRST
2013-06-07 15:53 - 2013-06-07 15:53 - 00124392 ____A C:\Users\andrea\Desktop\OTL.Txt
2013-06-05 14:19 - 2013-06-05 14:19 - 00000000 ____D C:\_OTL
2013-06-05 11:33 - 2013-06-05 11:33 - 00602112 ____A (OldTimer Tools) C:\Users\andrea\Desktop\OTL.exe
2013-06-03 17:01 - 2013-06-03 17:01 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\andrea\Documents\PCSUUpdate.exe
2013-06-03 14:07 - 2013-06-03 14:07 - 00055088 ____A C:\Users\andrea\Documents\PCSU_Update.exe
2013-06-03 14:06 - 2013-06-04 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-03 14:06 - 2013-06-03 14:06 - 02086240 ____A C:\Users\andrea\Desktop\avira-free-antivirus.exe
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-31 13:11 - 2013-05-31 13:12 - 00000000 ____D C:\Users\andrea\Documents\Bafög Uni Osnabrück
2013-05-31 13:08 - 2013-05-31 13:09 - 00000000 ____D C:\Users\andrea\Documents\Band
2013-05-31 09:39 - 2013-05-31 10:30 - 00000862 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 09:37 - 2013-06-04 21:39 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Delta
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\BabSolution
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\ProgramData\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Program Files\Delta
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\Users\andrea\AppData\Local\APN
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\ProgramData\Ask
2013-05-30 14:19 - 2013-05-30 14:19 - 00000000 ____D C:\Users\andrea\AppData\Roaming\WinPatrol
2013-05-30 14:12 - 2013-05-31 13:17 - 00000000 ____D C:\Users\andrea\Desktop\PC Schutz
2013-05-30 14:09 - 2013-05-30 14:09 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-30 14:09 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-30 08:35 - 2013-05-30 08:36 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-29 18:38 - 2013-05-29 18:40 - 00000000 ____D C:\Program Files\QuickTime
2013-05-29 18:36 - 2013-05-29 18:36 - 00000000 ____D C:\Program Files\Bonjour
2013-05-29 18:30 - 2013-05-29 18:30 - 00477616 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
2013-05-29 18:30 - 2013-05-29 18:30 - 00162224 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2013-05-29 18:09 - 2013-05-29 18:09 - 00000000 ____D C:\Users\andrea\AppData\Local\WindowsUpdate
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Users\andrea\AppData\Local\Secunia PSI
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Program Files\Secunia
2013-05-29 17:47 - 2013-05-29 17:48 - 00001789 ____A C:\DelFix.txt
2013-05-29 16:29 - 2013-05-29 16:29 - 00000000 ____D C:\Program Files\FilesFrog Update Checker
2013-05-27 17:50 - 2013-05-29 17:47 - 00000000 ____D C:\Windows\ERUNT
2013-05-27 17:39 - 2013-05-27 17:39 - 00000130 ____A C:\Windows\DeleteOnReboot.bat
2013-05-27 16:44 - 2013-05-27 17:02 - 00000000 ____D C:\Windows\erdnt
2013-05-27 14:50 - 2013-05-27 14:50 - 00138720 ____A C:\Windows\Minidump\Mini052713-01.dmp
2013-05-27 11:47 - 2013-05-31 09:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-27 10:53 - 2013-05-27 10:53 - 00000000 ____D C:\Program Files\7-Zip
2013-05-27 10:51 - 2013-05-27 10:52 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-27 10:51 - 2013-05-27 10:51 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-27 10:51 - 2013-05-16 14:30 - 00028160 ____A C:\Windows\System32\ImHttpComm.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00632656 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00554832 ____A (Microsoft Corporation) C:\Windows\System32\msvcp80.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00001870 ____A C:\Windows\System32\Microsoft.VC80.CRT.manifest
2013-05-18 10:40 - 2013-05-18 10:40 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Malwarebytes
2013-05-18 10:39 - 2013-05-18 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes

==================== One Month Modified Files and Folders ========

2013-06-08 19:11 - 2013-06-08 19:11 - 00001186 ____A C:\Users\andrea\Desktop\Fixlist.txt
2013-06-08 19:09 - 2008-01-04 11:10 - 01448624 ____A C:\Windows\WindowsUpdate.log
2013-06-08 19:08 - 2009-07-02 16:11 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-08 19:01 - 2006-11-02 12:33 - 01445116 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-08 18:58 - 2009-11-04 14:36 - 00000000 ___RD C:\Users\andrea\Documents\My Dropbox
2013-06-08 18:58 - 2009-11-04 14:34 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Dropbox
2013-06-08 18:56 - 2009-07-02 16:11 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-08 18:56 - 2008-04-16 12:59 - 00000436 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-06-08 18:55 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-08 18:55 - 2006-11-02 14:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-08 18:55 - 2006-11-02 14:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-08 09:59 - 2006-11-02 15:01 - 00032562 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-08 09:40 - 2012-04-24 17:32 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-08 08:48 - 2013-06-08 08:47 - 00019483 ____A C:\Users\andrea\Desktop\Addition.txt
2013-06-08 08:45 - 2013-06-08 08:45 - 01358671 ____A (Farbar) C:\Users\andrea\Desktop\FRST.exe
2013-06-08 08:45 - 2013-06-08 08:45 - 00000000 ____D C:\FRST
2013-06-08 08:30 - 2008-01-04 12:43 - 00000420 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{929C5347-AE8B-4470-A617-D957BEE3A63C}.job
2013-06-07 15:53 - 2013-06-07 15:53 - 00124392 ____A C:\Users\andrea\Desktop\OTL.Txt
2013-06-06 13:32 - 2009-06-06 22:23 - 00001052 ____A C:\Windows\Tasks\Google Software Updater.job
2013-06-05 14:19 - 2013-06-05 14:19 - 00000000 ____D C:\_OTL
2013-06-05 11:33 - 2013-06-05 11:33 - 00602112 ____A (OldTimer Tools) C:\Users\andrea\Desktop\OTL.exe
2013-06-05 11:30 - 2006-11-02 12:24 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-04 21:39 - 2013-06-03 14:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-04 21:39 - 2013-05-31 09:37 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-04 21:39 - 2008-04-17 17:57 - 01347526 ____A C:\Windows\PFRO.log
2013-06-03 17:01 - 2013-06-03 17:01 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\andrea\Documents\PCSUUpdate.exe
2013-06-03 14:07 - 2013-06-03 14:07 - 00055088 ____A C:\Users\andrea\Documents\PCSU_Update.exe
2013-06-03 14:06 - 2013-06-03 14:06 - 02086240 ____A C:\Users\andrea\Desktop\avira-free-antivirus.exe
2013-06-01 16:46 - 2011-07-14 12:23 - 00000000 ____D C:\Users\andrea\AppData\Roaming\vlc
2013-06-01 10:10 - 2008-11-16 16:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-31 13:52 - 2011-09-19 17:14 - 00000000 ____D C:\Users\andrea\Desktop\Programme
2013-05-31 13:17 - 2013-05-30 14:12 - 00000000 ____D C:\Users\andrea\Desktop\PC Schutz
2013-05-31 13:14 - 2010-11-07 14:02 - 00000000 ____D C:\Users\andrea\Documents\Uni
2013-05-31 13:12 - 2013-05-31 13:11 - 00000000 ____D C:\Users\andrea\Documents\Bafög Uni Osnabrück
2013-05-31 13:09 - 2013-05-31 13:08 - 00000000 ____D C:\Users\andrea\Documents\Band
2013-05-31 13:07 - 2011-09-19 15:55 - 00000000 ____D C:\Users\andrea\Documents\Sportpsychologie
2013-05-31 12:59 - 2009-07-14 21:29 - 00000000 ____D C:\Users\andrea\Documents\Bergsteigen 2009
2013-05-31 12:56 - 2011-01-06 01:53 - 00000000 ____D C:\Users\andrea\Documents\Bücher
2013-05-31 12:55 - 2011-09-19 15:50 - 00000000 ____D C:\Users\andrea\Desktop\Diplomprüfung!
2013-05-31 12:48 - 2011-09-12 19:30 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Skype
2013-05-31 12:48 - 2009-12-19 14:18 - 00000000 ____D C:\ProgramData\Skype
2013-05-31 11:03 - 2010-12-18 16:08 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-05-31 11:03 - 2008-08-31 11:25 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-05-31 10:38 - 2007-04-16 08:23 - 00000000 ____D C:\ProgramData\Symantec
2013-05-31 10:38 - 2007-04-16 08:23 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-05-31 10:36 - 2009-11-04 15:06 - 00008831 ____A C:\ProgramData\LUUnInstall.LiveUpdate
2013-05-31 10:35 - 2007-04-16 08:23 - 00000000 ____D C:\Program Files\Symantec
2013-05-31 10:30 - 2013-05-31 09:39 - 00000862 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 10:12 - 2008-03-13 10:48 - 00000000 ____D C:\ProgramData\EPSON
2013-05-31 10:11 - 2007-04-16 07:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-05-31 09:49 - 2008-01-17 13:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-05-31 09:38 - 2013-05-27 11:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Delta
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Users\andrea\AppData\Roaming\BabSolution
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\ProgramData\Babylon
2013-05-31 09:37 - 2013-05-31 09:37 - 00000000 ____D C:\Program Files\Delta
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\Users\andrea\AppData\Local\APN
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\ProgramData\Ask
2013-05-30 14:19 - 2013-05-30 14:19 - 00000000 ____D C:\Users\andrea\AppData\Roaming\WinPatrol
2013-05-30 14:09 - 2013-05-30 14:09 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-30 10:25 - 2008-01-04 12:24 - 00093464 ____A C:\Users\andrea\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 10:22 - 2008-01-17 13:51 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Apple Computer
2013-05-30 10:16 - 2006-11-02 14:47 - 00340040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 09:13 - 2008-11-16 16:34 - 00000000 ____D C:\Program Files\Microsoft Works
2013-05-30 09:13 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-30 08:36 - 2013-05-30 08:35 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-30 08:36 - 2010-09-25 12:34 - 00000000 ____D C:\ProgramData\Adobe
2013-05-30 08:35 - 2008-01-04 14:40 - 00000000 ____D C:\Users\andrea\AppData\Local\Adobe
2013-05-30 08:35 - 2007-04-16 08:30 - 00000000 ____D C:\Program Files\Adobe
2013-05-29 18:40 - 2013-05-29 18:38 - 00000000 ____D C:\Program Files\QuickTime
2013-05-29 18:36 - 2013-05-29 18:36 - 00000000 ____D C:\Program Files\Bonjour
2013-05-29 18:35 - 2008-01-17 13:47 - 00000000 ____D C:\ProgramData\Apple
2013-05-29 18:34 - 2008-01-04 12:24 - 00000000 ____D C:\users\andrea
2013-05-29 18:30 - 2013-05-29 18:30 - 00477616 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
2013-05-29 18:30 - 2013-05-29 18:30 - 00162224 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2013-05-29 18:30 - 2010-06-26 10:04 - 00473520 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2013-05-29 18:30 - 2007-04-16 07:04 - 00000000 ____D C:\Program Files\Java
2013-05-29 18:09 - 2013-05-29 18:09 - 00000000 ____D C:\Users\andrea\AppData\Local\WindowsUpdate
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Users\andrea\AppData\Local\Secunia PSI
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Program Files\Secunia
2013-05-29 17:48 - 2013-05-29 17:47 - 00001789 ____A C:\DelFix.txt
2013-05-29 17:47 - 2013-05-27 17:50 - 00000000 ____D C:\Windows\ERUNT
2013-05-29 16:52 - 2006-11-02 12:23 - 00000215 ____A C:\Windows\system.ini
2013-05-29 16:29 - 2013-05-29 16:29 - 00000000 ____D C:\Program Files\FilesFrog Update Checker
2013-05-28 21:24 - 2008-04-24 12:18 - 00000074 ____A C:\Users\andrea\AppData\default.pls
2013-05-27 23:47 - 2010-08-07 20:25 - 00000000 ____D C:\Windows\pss
2013-05-27 17:39 - 2013-05-27 17:39 - 00000130 ____A C:\Windows\DeleteOnReboot.bat
2013-05-27 17:05 - 2006-11-02 13:18 - 00000000 __RHD C:\users\Default
2013-05-27 17:05 - 2006-11-02 13:18 - 00000000 ___RD C:\users\Public
2013-05-27 17:02 - 2013-05-27 16:44 - 00000000 ____D C:\Windows\erdnt
2013-05-27 16:07 - 2012-05-07 20:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-27 14:50 - 2013-05-27 14:50 - 00138720 ____A C:\Windows\Minidump\Mini052713-01.dmp
2013-05-27 14:50 - 2008-04-18 02:40 - 00000000 ____D C:\Windows\Minidump
2013-05-27 14:49 - 2009-07-14 12:43 - 00000000 ____D C:\Users\Public\Documents\Symantec
2013-05-27 14:49 - 2008-04-18 02:39 - 268499548 ____A C:\Windows\MEMORY.DMP
2013-05-27 10:53 - 2013-05-27 10:53 - 00000000 ____D C:\Program Files\7-Zip
2013-05-27 10:52 - 2013-05-27 10:51 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-27 10:51 - 2013-05-27 10:51 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-18 11:05 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2013-05-18 10:40 - 2013-05-18 10:40 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Malwarebytes
2013-05-18 10:39 - 2013-05-18 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-17 19:18 - 2008-01-15 13:33 - 00000392 ____A C:\Windows\Tasks\1-Klick-Wartung.job
2013-05-17 13:40 - 2012-04-24 17:32 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-17 13:40 - 2011-10-08 13:51 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-16 14:30 - 2013-05-27 10:51 - 00028160 ____A C:\Windows\System32\ImHttpComm.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00632656 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00554832 ____A (Microsoft Corporation) C:\Windows\System32\msvcp80.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00001870 ____A C:\Windows\System32\Microsoft.VC80.CRT.manifest
2013-05-16 14:02 - 2011-02-19 23:03 - 00421200 ____A (Microsoft Corporation) C:\Windows\System32\msvcp100.dll
2013-05-16 14:02 - 2011-02-19 00:40 - 00773968 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100.dll
2013-05-13 17:43 - 2008-11-16 16:36 - 00002637 ____A C:\Users\andrea\Desktop\Microsoft Office Word 2007.lnk

Files to move or delete:
====================
C:\Users\Public\Firefox Setup 2.0.0.12.exe
C:\Users\Public\IPODACCESS_SETUP.EXE
C:\ProgramData\firstlsp.reg.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-06-08 19:02

==================== End Of Log ============================

--- --- ---

schrauber · 08.06.2013, 20:47

Ehm, wo ist der Fix? Hast den gemacht? Gab es ein Fixlog?

Ändria · 09.06.2013, 13:29

Ähm, ups... Meinst du den hier:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-06-2013 02
Ran by andrea at 2013-06-09 14:18:15 Run:1
Running from C:\Users\andrea\Desktop
Boot Mode: Normal

==============================================

E:\1b371942ca3c183f7b0cd2ac => File/Directory not found.

"C:\ProgramData\BrowserProtect" directory move:

Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23. => Scheduled to move on reboot.
Could not move C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js. => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserProtect" directory. => Scheduled to move on reboot.

C:\Users\andrea\AppData\Roaming\Delta => Moved successfully.
C:\Users\andrea\AppData\Roaming\Babylon => Moved successfully.
C:\Users\andrea\AppData\Roaming\BabSolution => Moved successfully.
C:\ProgramData\Babylon => Moved successfully.
C:\Program Files\Delta => Moved successfully.
C:\ProgramData\Ask => Moved successfully.
C:\Users\andrea\AppData\Roaming\Delta => File/Directory not found.
C:\Users\andrea\AppData\Roaming\Babylon => File/Directory not found.
C:\Users\andrea\AppData\Roaming\BabSolution => File/Directory not found.
C:\ProgramData\Babylon => File/Directory not found.
C:\Program Files\Delta => File/Directory not found.
C:\Users\Public\Firefox Setup 2.0.0.12.exe => Moved successfully.
C:\Users\Public\IPODACCESS_SETUP.EXE => Moved successfully.
C:\ProgramData\firstlsp.reg.dat => Moved successfully.

=========== Result of Scheduled Files to move ===========
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 => File could not move.
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js => File could not move.
C:\ProgramData\BrowserProtect => Directory could not move.

==== End of Fixlog ====

schrauber · 09.06.2013, 15:20

Frisches FRST Log bitte. Mault dein Avira immer noch wegen E:?

Ich hab jetzt 4 Logfiles insgesamt, wo ich den Ordner in E löschen wollte, und immer heisst es "den Ordner gibt es nicht"

Ändria · 10.06.2013, 09:18

Bisher hat er die Meldung nicht nochmal angezeigt. Aber ich warte mal ab.
Was aber echt komisch ist, ist dass mein Rechner super langsam läuft und manchmal hängt.
Es folgt der log. Hoffe, ist jetzt der richtige ;-)

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-06-2013 02
Ran by andrea (administrator) on 10-06-2013 10:15:44
Running from C:\Users\andrea\Desktop
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0\bin\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Somoto) C:\Program Files\FilesFrog Update Checker\update_checker.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Silicon Motion) C:\Program Files\Silicon Motion\USB2.0 UVC WebCam\STIMON.exe
(Dropbox, Inc.) C:\Users\andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [509496 2007-05-23] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] NDSTray.exe [x]
HKLM\...\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512 2007-06-08] (Synaptics, Inc.)
HKLM\...\Run: [Skytel] Skytel.exe [x]
HKLM\...\Run: [UnlockerAssistant] "C:\Users\andrea\Desktop\Unlocker\UnlockerAssistant.exe" [x]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [77824 2007-04-16] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto  [201808 2013-01-31] (Somoto)
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STIMON.lnk
ShortcutTarget: STIMON.lnk -> C:\Program Files\Silicon Motion\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion)
Startup: C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default
FF SearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR Extension: (Iminent) - C:\Users\andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.21.4.1

========================== Services (Whitelisted) =================

R2 AntiVirScheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [68865 2008-10-24] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [151297 2008-10-24] (Avira GmbH)
R2 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c9e6e4bfd02130; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-06-06] (Google Inc.)
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll [537992 2008-04-10] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [306432 2008-01-15] (TuneUp Software GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 AntiVirMailService; C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe [x]
S2 AVEService; C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe [x]
S2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [x]

==================== Drivers (Whitelisted) ====================

R1 avgio; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [11608 2009-05-27] (Avira GmbH)
R3 avgntflt; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [52056 2009-05-27] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [75096 2009-05-27] (Avira GmbH)
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-01-15] (DT Soft Ltd.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-04-18] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-01-15] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [21248 2008-04-17] (AVIRA GmbH)
S1 avgntdd; SYSTEM32\DRIVERS\avgntdd.sys [x]
S0 avgntmgr; SYSTEM32\drivers\avgntmgr.sys [x]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\Users\andrea\AppData\Local\Temp\catchme.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-10 10:15 - 2013-06-10 10:15 - 00000000 ____A C:\Users\andrea\Desktop\FRST.txt
2013-06-08 08:45 - 2013-06-09 14:26 - 00000000 ____D C:\FRST
2013-06-08 08:45 - 2013-06-08 08:45 - 01358671 ____A (Farbar) C:\Users\andrea\Desktop\FRST.exe
2013-06-05 14:19 - 2013-06-05 14:19 - 00000000 ____D C:\_OTL
2013-06-05 11:33 - 2013-06-05 11:33 - 00602112 ____A (OldTimer Tools) C:\Users\andrea\Desktop\OTL.exe
2013-06-03 17:01 - 2013-06-03 17:01 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\andrea\Documents\PCSUUpdate.exe
2013-06-03 14:07 - 2013-06-03 14:07 - 00055088 ____A C:\Users\andrea\Documents\PCSU_Update.exe
2013-06-03 14:06 - 2013-06-04 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-03 14:06 - 2013-06-03 14:06 - 02086240 ____A C:\Users\andrea\Desktop\avira-free-antivirus.exe
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-31 13:11 - 2013-05-31 13:12 - 00000000 ____D C:\Users\andrea\Documents\Bafög Uni Osnabrück
2013-05-31 13:08 - 2013-05-31 13:09 - 00000000 ____D C:\Users\andrea\Documents\Band
2013-05-31 09:39 - 2013-05-31 10:30 - 00000862 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 09:37 - 2013-06-04 21:39 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\Users\andrea\AppData\Local\APN
2013-05-30 14:19 - 2013-05-30 14:19 - 00000000 ____D C:\Users\andrea\AppData\Roaming\WinPatrol
2013-05-30 14:12 - 2013-05-31 13:17 - 00000000 ____D C:\Users\andrea\Desktop\PC Schutz
2013-05-30 14:09 - 2013-05-30 14:09 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-30 14:09 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-30 08:35 - 2013-05-30 08:36 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-29 18:38 - 2013-05-29 18:40 - 00000000 ____D C:\Program Files\QuickTime
2013-05-29 18:36 - 2013-05-29 18:36 - 00000000 ____D C:\Program Files\Bonjour
2013-05-29 18:30 - 2013-05-29 18:30 - 00477616 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
2013-05-29 18:30 - 2013-05-29 18:30 - 00162224 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2013-05-29 18:09 - 2013-05-29 18:09 - 00000000 ____D C:\Users\andrea\AppData\Local\WindowsUpdate
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Users\andrea\AppData\Local\Secunia PSI
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Program Files\Secunia
2013-05-29 17:47 - 2013-05-29 17:48 - 00001789 ____A C:\DelFix.txt
2013-05-29 16:29 - 2013-05-29 16:29 - 00000000 ____D C:\Program Files\FilesFrog Update Checker
2013-05-27 17:50 - 2013-05-29 17:47 - 00000000 ____D C:\Windows\ERUNT
2013-05-27 17:39 - 2013-05-27 17:39 - 00000130 ____A C:\Windows\DeleteOnReboot.bat
2013-05-27 16:44 - 2013-05-27 17:02 - 00000000 ____D C:\Windows\erdnt
2013-05-27 14:50 - 2013-05-27 14:50 - 00138720 ____A C:\Windows\Minidump\Mini052713-01.dmp
2013-05-27 11:47 - 2013-05-31 09:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-27 10:53 - 2013-05-27 10:53 - 00000000 ____D C:\Program Files\7-Zip
2013-05-27 10:51 - 2013-05-27 10:52 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-27 10:51 - 2013-05-27 10:51 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-27 10:51 - 2013-05-16 14:30 - 00028160 ____A C:\Windows\System32\ImHttpComm.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00632656 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00554832 ____A (Microsoft Corporation) C:\Windows\System32\msvcp80.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
2013-05-27 10:51 - 2013-05-16 14:02 - 00001870 ____A C:\Windows\System32\Microsoft.VC80.CRT.manifest
2013-05-18 10:40 - 2013-05-18 10:40 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Malwarebytes
2013-05-18 10:39 - 2013-05-18 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes

==================== One Month Modified Files and Folders ========

2013-06-10 10:15 - 2013-06-10 10:15 - 00000000 ____A C:\Users\andrea\Desktop\FRST.txt
2013-06-10 10:08 - 2009-07-02 16:11 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-10 10:07 - 2008-01-04 11:10 - 01525661 ____A C:\Windows\WindowsUpdate.log
2013-06-10 10:00 - 2009-11-04 14:36 - 00000000 ___RD C:\Users\andrea\Documents\My Dropbox
2013-06-10 10:00 - 2009-11-04 14:34 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Dropbox
2013-06-10 09:58 - 2009-07-02 16:11 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-10 09:58 - 2008-04-16 12:59 - 00000435 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-06-10 09:57 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-10 09:57 - 2006-11-02 14:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-10 09:57 - 2006-11-02 14:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-09 15:29 - 2006-11-02 15:01 - 00032562 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-09 14:40 - 2012-04-24 17:32 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 14:26 - 2013-06-08 08:45 - 00000000 ____D C:\FRST
2013-06-09 14:19 - 2008-04-17 17:57 - 01353878 ____A C:\Windows\PFRO.log
2013-06-09 14:18 - 2006-11-02 13:18 - 00000000 ___RD C:\users\Public
2013-06-09 13:46 - 2008-01-04 12:43 - 00000420 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{929C5347-AE8B-4470-A617-D957BEE3A63C}.job
2013-06-08 19:01 - 2006-11-02 12:33 - 01445116 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-08 08:45 - 2013-06-08 08:45 - 01358671 ____A (Farbar) C:\Users\andrea\Desktop\FRST.exe
2013-06-06 13:32 - 2009-06-06 22:23 - 00001052 ____A C:\Windows\Tasks\Google Software Updater.job
2013-06-05 14:19 - 2013-06-05 14:19 - 00000000 ____D C:\_OTL
2013-06-05 11:33 - 2013-06-05 11:33 - 00602112 ____A (OldTimer Tools) C:\Users\andrea\Desktop\OTL.exe
2013-06-05 11:30 - 2006-11-02 12:24 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-04 21:39 - 2013-06-03 14:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-04 21:39 - 2013-05-31 09:37 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-03 17:01 - 2013-06-03 17:01 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\andrea\Documents\PCSUUpdate.exe
2013-06-03 14:07 - 2013-06-03 14:07 - 00055088 ____A C:\Users\andrea\Documents\PCSU_Update.exe
2013-06-03 14:06 - 2013-06-03 14:06 - 02086240 ____A C:\Users\andrea\Desktop\avira-free-antivirus.exe
2013-06-01 16:46 - 2011-07-14 12:23 - 00000000 ____D C:\Users\andrea\AppData\Roaming\vlc
2013-06-01 10:10 - 2008-11-16 16:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-06-01 10:04 - 2013-06-01 10:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-31 13:52 - 2011-09-19 17:14 - 00000000 ____D C:\Users\andrea\Desktop\Programme
2013-05-31 13:17 - 2013-05-30 14:12 - 00000000 ____D C:\Users\andrea\Desktop\PC Schutz
2013-05-31 13:14 - 2010-11-07 14:02 - 00000000 ____D C:\Users\andrea\Documents\Uni
2013-05-31 13:12 - 2013-05-31 13:11 - 00000000 ____D C:\Users\andrea\Documents\Bafög Uni Osnabrück
2013-05-31 13:09 - 2013-05-31 13:08 - 00000000 ____D C:\Users\andrea\Documents\Band
2013-05-31 13:07 - 2011-09-19 15:55 - 00000000 ____D C:\Users\andrea\Documents\Sportpsychologie
2013-05-31 12:59 - 2009-07-14 21:29 - 00000000 ____D C:\Users\andrea\Documents\Bergsteigen 2009
2013-05-31 12:56 - 2011-01-06 01:53 - 00000000 ____D C:\Users\andrea\Documents\Bücher
2013-05-31 12:55 - 2011-09-19 15:50 - 00000000 ____D C:\Users\andrea\Desktop\Diplomprüfung!
2013-05-31 12:48 - 2011-09-12 19:30 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Skype
2013-05-31 12:48 - 2009-12-19 14:18 - 00000000 ____D C:\ProgramData\Skype
2013-05-31 11:03 - 2010-12-18 16:08 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-05-31 11:03 - 2008-08-31 11:25 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-05-31 10:38 - 2007-04-16 08:23 - 00000000 ____D C:\ProgramData\Symantec
2013-05-31 10:38 - 2007-04-16 08:23 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-05-31 10:36 - 2009-11-04 15:06 - 00008831 ____A C:\ProgramData\LUUnInstall.LiveUpdate
2013-05-31 10:35 - 2007-04-16 08:23 - 00000000 ____D C:\Program Files\Symantec
2013-05-31 10:30 - 2013-05-31 09:39 - 00000862 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 10:12 - 2008-03-13 10:48 - 00000000 ____D C:\ProgramData\EPSON
2013-05-31 10:11 - 2007-04-16 07:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-05-31 09:49 - 2008-01-17 13:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-05-31 09:38 - 2013-05-27 11:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-30 14:24 - 2013-05-30 14:24 - 00000000 ____D C:\Users\andrea\AppData\Local\APN
2013-05-30 14:19 - 2013-05-30 14:19 - 00000000 ____D C:\Users\andrea\AppData\Roaming\WinPatrol
2013-05-30 14:09 - 2013-05-30 14:09 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-30 10:25 - 2008-01-04 12:24 - 00093464 ____A C:\Users\andrea\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 10:22 - 2008-01-17 13:51 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Apple Computer
2013-05-30 10:16 - 2006-11-02 14:47 - 00340040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 09:13 - 2008-11-16 16:34 - 00000000 ____D C:\Program Files\Microsoft Works
2013-05-30 09:13 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-30 08:36 - 2013-05-30 08:35 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-30 08:36 - 2010-09-25 12:34 - 00000000 ____D C:\ProgramData\Adobe
2013-05-30 08:35 - 2008-01-04 14:40 - 00000000 ____D C:\Users\andrea\AppData\Local\Adobe
2013-05-30 08:35 - 2007-04-16 08:30 - 00000000 ____D C:\Program Files\Adobe
2013-05-29 18:40 - 2013-05-29 18:38 - 00000000 ____D C:\Program Files\QuickTime
2013-05-29 18:36 - 2013-05-29 18:36 - 00000000 ____D C:\Program Files\Bonjour
2013-05-29 18:35 - 2008-01-17 13:47 - 00000000 ____D C:\ProgramData\Apple
2013-05-29 18:34 - 2008-01-04 12:24 - 00000000 ____D C:\users\andrea
2013-05-29 18:30 - 2013-05-29 18:30 - 00477616 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
2013-05-29 18:30 - 2013-05-29 18:30 - 00162224 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2013-05-29 18:30 - 2013-05-29 18:30 - 00149936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2013-05-29 18:30 - 2010-06-26 10:04 - 00473520 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2013-05-29 18:30 - 2007-04-16 07:04 - 00000000 ____D C:\Program Files\Java
2013-05-29 18:09 - 2013-05-29 18:09 - 00000000 ____D C:\Users\andrea\AppData\Local\WindowsUpdate
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Users\andrea\AppData\Local\Secunia PSI
2013-05-29 18:07 - 2013-05-29 18:07 - 00000000 ____D C:\Program Files\Secunia
2013-05-29 17:48 - 2013-05-29 17:47 - 00001789 ____A C:\DelFix.txt
2013-05-29 17:47 - 2013-05-27 17:50 - 00000000 ____D C:\Windows\ERUNT
2013-05-29 16:52 - 2006-11-02 12:23 - 00000215 ____A C:\Windows\system.ini
2013-05-29 16:29 - 2013-05-29 16:29 - 00000000 ____D C:\Program Files\FilesFrog Update Checker
2013-05-28 21:24 - 2008-04-24 12:18 - 00000074 ____A C:\Users\andrea\AppData\default.pls
2013-05-27 23:47 - 2010-08-07 20:25 - 00000000 ____D C:\Windows\pss
2013-05-27 17:39 - 2013-05-27 17:39 - 00000130 ____A C:\Windows\DeleteOnReboot.bat
2013-05-27 17:05 - 2006-11-02 13:18 - 00000000 __RHD C:\users\Default
2013-05-27 17:02 - 2013-05-27 16:44 - 00000000 ____D C:\Windows\erdnt
2013-05-27 16:07 - 2012-05-07 20:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-27 14:50 - 2013-05-27 14:50 - 00138720 ____A C:\Windows\Minidump\Mini052713-01.dmp
2013-05-27 14:50 - 2008-04-18 02:40 - 00000000 ____D C:\Windows\Minidump
2013-05-27 14:49 - 2009-07-14 12:43 - 00000000 ____D C:\Users\Public\Documents\Symantec
2013-05-27 14:49 - 2008-04-18 02:39 - 268499548 ____A C:\Windows\MEMORY.DMP
2013-05-27 10:53 - 2013-05-27 10:53 - 00000000 ____D C:\Program Files\7-Zip
2013-05-27 10:52 - 2013-05-27 10:51 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-27 10:51 - 2013-05-27 10:51 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-18 11:05 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2013-05-18 10:40 - 2013-05-18 10:40 - 00000000 ____D C:\Users\andrea\AppData\Roaming\Malwarebytes
2013-05-18 10:39 - 2013-05-18 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-17 19:18 - 2008-01-15 13:33 - 00000392 ____A C:\Windows\Tasks\1-Klick-Wartung.job
2013-05-17 13:40 - 2012-04-24 17:32 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-17 13:40 - 2011-10-08 13:51 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-16 14:30 - 2013-05-27 10:51 - 00028160 ____A C:\Windows\System32\ImHttpComm.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00632656 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00554832 ____A (Microsoft Corporation) C:\Windows\System32\msvcp80.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
2013-05-16 14:02 - 2013-05-27 10:51 - 00001870 ____A C:\Windows\System32\Microsoft.VC80.CRT.manifest
2013-05-16 14:02 - 2011-02-19 23:03 - 00421200 ____A (Microsoft Corporation) C:\Windows\System32\msvcp100.dll
2013-05-16 14:02 - 2011-02-19 00:40 - 00773968 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100.dll
2013-05-13 17:43 - 2008-11-16 16:36 - 00002637 ____A C:\Users\andrea\Desktop\Microsoft Office Word 2007.lnk

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-06-10 10:12

==================== End Of Log ============================

--- --- ---

Soeben hat er mir den Trojaner wieder angezeigt in Laufwerk E

schrauber · 10.06.2013, 14:50

Daten die DU unbedingt brauchst runter von E, extern sichern, E formatieren.

Ändria · 10.06.2013, 18:43

alles klar. hab ich gemacht!

schrauber · 10.06.2013, 19:29

Wenn Avira jetzt immer noch was auf E findet rast ich aus

Ändria · 12.06.2013, 15:52

So, habe vorgestern formatiert und auf E ist nichs mehr drauf. Heute Rechner angemacht und er zeigt schon wieder das gleiche an: Trojaner auf E. :-(((((!!!!

schrauber · 12.06.2013, 19:35

Du willst mich verkacken oder?

Schmeiss Avira weg, deinstallieren, avast free installieren, scannen.

Ändria · 13.06.2013, 09:27

Ne, leider nicht. Ich schaffs erst morgen wieder an den Rechner u deinstalliere dann avira.
Ich meld mich dann die Tage nochmal.
Also, wenn Avira mir die ganze Zeit scheiß angezeigt hat, war die ganze Sache hier voll umsonst ;-). Naja, aber besser als n Virus :-).

schrauber · 13.06.2013, 11:06

Naja, zumindest bei Laufwerk E erzählt Avira Schmarn

Ändria · 15.06.2013, 11:16

Hey,
ich versuche avira (antivirpersonaledition) zu deinstallieren. Das funktioniert nicht. Der zeigt dann an dass er die Master Ressource datei nicht laden kann.
Weißt du was ich machen kann?

schrauber · 15.06.2013, 14:29

Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller

Benutz Revo, die Trial Version

08.06.2013, 20:47	#63
schrauber /// the machine /// TB-Ausbilder	Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen? Ehm, wo ist der Fix? Hast den gemacht? Gab es ein Fixlog? __________________ __________________

10.06.2013, 14:50	#67
schrauber /// the machine /// TB-Ausbilder	Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen? Daten die DU unbedingt brauchst runter von E, extern sichern, E formatieren. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

10.06.2013, 19:29	#69
schrauber /// the machine /// TB-Ausbilder	Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen? Wenn Avira jetzt immer noch was auf E findet rast ich aus __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

12.06.2013, 19:35	#71
schrauber /// the machine /// TB-Ausbilder	Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen? Du willst mich verkacken oder? Schmeiss Avira weg, deinstallieren, avast free installieren, scannen. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

13.06.2013, 11:06	#73
schrauber /// the machine /// TB-Ausbilder	Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen? Naja, zumindest bei Laufwerk E erzählt Avira Schmarn __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen?

Log-Analyse und Auswertung: Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen?