
Pests of all kinds and how to fight them: Windows 8 - Detection: tr/crypt.xpack.gen


 
05.12.2013, 19:22   #1
NegaNo



Hello Trojaner-Board,

yesterday Avira Antivirus reported the trojan "tr/crypt.xpack.gen" on my roughly 4-week-old computer, which worries me a lot. I moved the trojan to quarantine with Avira. I am not sure whether this might be a false alarm, since the infected file belongs to a preinstalled program from Intel.

Antivirus log with the detection
Code:
Avira Free Antivirus
Report file date: Mittwoch, 4. Dezember 2013  21:28


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows 8.1
Windows version : (plain)  [6.2.9200]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : BAKA

Version information:
BUILD.DAT       : 14.0.1.749     55392 Bytes  22.11.2013 12:01:00
AVSCAN.EXE      : 14.0.1.645   1030712 Bytes  31.10.2013 18:25:19
AVSCANRC.DLL    : 14.0.1.641     52280 Bytes  31.10.2013 18:25:19
LUKE.DLL        : 14.0.1.641     65080 Bytes  31.10.2013 18:25:40
AVSCPLR.DLL     : 14.0.1.641    124472 Bytes  31.10.2013 18:25:19
AVREG.DLL       : 14.0.1.641    250424 Bytes  31.10.2013 18:25:19
avlode.dll      : 14.0.1.681    517176 Bytes  31.10.2013 18:25:19
avlode.rdf      : 13.0.1.48      27867 Bytes  16.11.2013 21:17:22
VBASE000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 18:25:41
VBASE001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 18:25:41
VBASE002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 18:25:41
VBASE003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 18:25:41
VBASE004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 18:25:41
VBASE005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 18:25:41
VBASE006.VDF    : 7.11.103.230  2293248 Bytes  24.09.2013 18:25:41
VBASE007.VDF    : 7.11.116.38  5485568 Bytes  28.11.2013 12:49:20
VBASE008.VDF    : 7.11.116.39     2048 Bytes  28.11.2013 12:49:20
VBASE009.VDF    : 7.11.116.40     2048 Bytes  28.11.2013 12:49:20
VBASE010.VDF    : 7.11.116.41     2048 Bytes  28.11.2013 12:49:20
VBASE011.VDF    : 7.11.116.42     2048 Bytes  28.11.2013 12:49:20
VBASE012.VDF    : 7.11.116.43     2048 Bytes  28.11.2013 12:49:20
VBASE013.VDF    : 7.11.116.44     2048 Bytes  28.11.2013 12:49:20
VBASE014.VDF    : 7.11.116.195   149504 Bytes  30.11.2013 12:49:20
VBASE015.VDF    : 7.11.117.180   271872 Bytes  04.12.2013 20:25:32
VBASE016.VDF    : 7.11.117.181     2048 Bytes  04.12.2013 20:25:32
VBASE017.VDF    : 7.11.117.182     2048 Bytes  04.12.2013 20:25:33
VBASE018.VDF    : 7.11.117.183     2048 Bytes  04.12.2013 20:25:33
VBASE019.VDF    : 7.11.117.184     2048 Bytes  04.12.2013 20:25:34
VBASE020.VDF    : 7.11.117.185     2048 Bytes  04.12.2013 20:25:36
VBASE021.VDF    : 7.11.117.186     2048 Bytes  04.12.2013 20:25:36
VBASE022.VDF    : 7.11.117.187     2048 Bytes  04.12.2013 20:25:36
VBASE023.VDF    : 7.11.117.188     2048 Bytes  04.12.2013 20:25:36
VBASE024.VDF    : 7.11.117.189     2048 Bytes  04.12.2013 20:25:36
VBASE025.VDF    : 7.11.117.190     2048 Bytes  04.12.2013 20:25:36
VBASE026.VDF    : 7.11.117.191     2048 Bytes  04.12.2013 20:25:37
VBASE027.VDF    : 7.11.117.192     2048 Bytes  04.12.2013 20:25:37
VBASE028.VDF    : 7.11.117.193     2048 Bytes  04.12.2013 20:25:37
VBASE029.VDF    : 7.11.117.194     2048 Bytes  04.12.2013 20:25:37
VBASE030.VDF    : 7.11.117.195     2048 Bytes  04.12.2013 20:25:37
VBASE031.VDF    : 7.11.117.230   145408 Bytes  04.12.2013 20:25:38
Engine version  : 8.2.12.158
AEVDF.DLL       : 8.1.3.4       102774 Bytes  31.10.2013 18:25:18
AESCRIPT.DLL    : 8.1.4.172     520574 Bytes  03.12.2013 19:13:00
AESCN.DLL       : 8.1.10.4      131446 Bytes  31.10.2013 18:25:18
AESBX.DLL       : 8.2.16.26    1245560 Bytes  31.10.2013 18:25:18
AERDL.DLL       : 8.2.0.138     704888 Bytes  03.12.2013 19:12:59
AEPACK.DLL      : 8.3.3.6       762232 Bytes  03.12.2013 19:12:59
AEOFFICE.DLL    : 8.1.2.76      205181 Bytes  31.10.2013 18:25:18
AEHEUR.DLL      : 8.1.4.790    6328698 Bytes  03.12.2013 19:12:58
AEHELP.DLL      : 8.1.27.10     266618 Bytes  23.11.2013 12:01:45
AEGEN.DLL       : 8.1.7.20      446839 Bytes  16.11.2013 21:17:17
AEEXP.DLL       : 8.4.1.114     381304 Bytes  23.11.2013 12:01:47
AEEMU.DLL       : 8.1.3.2       393587 Bytes  31.10.2013 18:25:18
AECORE.DLL      : 8.1.32.2      201081 Bytes  16.11.2013 21:17:16
AEBB.DLL        : 8.1.1.4        53619 Bytes  31.10.2013 18:25:18
AVWINLL.DLL     : 14.0.1.641     23608 Bytes  31.10.2013 18:25:19
AVPREF.DLL      : 14.0.1.641     48696 Bytes  31.10.2013 18:25:19
AVREP.DLL       : 14.0.1.641    175672 Bytes  31.10.2013 18:25:19
AVARKT.DLL      : 14.0.1.641    257080 Bytes  31.10.2013 18:25:18
AVEVTLOG.DLL    : 14.0.1.641    165944 Bytes  31.10.2013 18:25:18
SQLITE3.DLL     : 3.7.0.1       394808 Bytes  31.10.2013 18:25:40
AVSMTP.DLL      : 14.0.1.641     60472 Bytes  31.10.2013 18:25:19
NETNT.DLL       : 14.0.1.641     13368 Bytes  31.10.2013 18:25:40
RCIMAGE.DLL     : 14.0.1.641   4788792 Bytes  31.10.2013 18:25:40
RCTEXT.DLL      : 14.0.1.641     66616 Bytes  31.10.2013 18:25:40

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Mittwoch, 4. Dezember 2013  21:28

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.
Error in ARK library

The scan of running processes will be started:
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'svchost.exe' - '157' Module(s) have been scanned
Scan process 'svchost.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '106' Module(s) have been scanned
Scan process 'dwm.exe' - '39' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'WLANExt.exe' - '78' Module(s) have been scanned
Scan process 'conhost.exe' - '12' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '15' Module(s) have been scanned
Scan process 'spoolsv.exe' - '69' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'sched.exe' - '58' Module(s) have been scanned
Scan process 'svchost.exe' - '77' Module(s) have been scanned
Scan process 'avguard.exe' - '99' Module(s) have been scanned
Scan process 'InsOnSrv.exe' - '36' Module(s) have been scanned
Scan process 'AsusWSWinService.exe' - '54' Module(s) have been scanned
Scan process 'DptfParticipantProcessorService.exe' - '17' Module(s) have been scanned
Scan process 'DptfPolicyConfigTDPService.exe' - '17' Module(s) have been scanned
Scan process 'DptfPolicyCriticalService.exe' - '17' Module(s) have been scanned
Scan process 'DptfPolicyLpmService.exe' - '17' Module(s) have been scanned
Scan process 'dashost.exe' - '48' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '26' Module(s) have been scanned
Scan process 'ibtrksrv.exe' - '29' Module(s) have been scanned
Scan process 'iSCTAgent.exe' - '89' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '37' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '75' Module(s) have been scanned
Scan process 'BrcmSetSecurity.exe' - '50' Module(s) have been scanned
Scan process 'unsecapp.exe' - '23' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '50' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'HControl.exe' - '43' Module(s) have been scanned
Scan process 'InsOnWMI.exe' - '49' Module(s) have been scanned
Scan process 'taskhostex.exe' - '47' Module(s) have been scanned
Scan process 'ColorUService.exe' - '54' Module(s) have been scanned
Scan process 'AsPatchTouchPanel64.exe' - '26' Module(s) have been scanned
Scan process 'BatteryLife.exe' - '48' Module(s) have been scanned
Scan process 'USBChargerPlus.exe' - '42' Module(s) have been scanned
Scan process 'ACMON.exe' - '53' Module(s) have been scanned
Scan process 'Explorer.EXE' - '213' Module(s) have been scanned
Scan process 'KBFiltr.exe' - '23' Module(s) have been scanned
Scan process 'JpnIME.exe' - '29' Module(s) have been scanned
Scan process 'LiveComm.exe' - '110' Module(s) have been scanned
Scan process 'wwahost.exe' - '85' Module(s) have been scanned
Scan process 'AsusTPLoader.exe' - '41' Module(s) have been scanned
Scan process 'QuickGesture64.exe' - '31' Module(s) have been scanned
Scan process 'QuickGesture.exe' - '36' Module(s) have been scanned
Scan process 'TabTip.exe' - '50' Module(s) have been scanned
Scan process 'TabTip32.exe' - '21' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '73' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'AsusTPCenter.exe' - '69' Module(s) have been scanned
Scan process 'skydrive.exe' - '90' Module(s) have been scanned
Scan process 'ATKOSD2.exe' - '38' Module(s) have been scanned
Scan process 'DMedia.exe' - '37' Module(s) have been scanned
Scan process 'wwahost.exe' - '76' Module(s) have been scanned
Scan process 'AsusTPHelper.exe' - '19' Module(s) have been scanned
Scan process 'igfxpers.exe' - '34' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '34' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '93' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '71' Module(s) have been scanned
Scan process 'DptfPolicyLpmServiceHelper.exe' - '19' Module(s) have been scanned
Scan process 'igfxtray.exe' - '33' Module(s) have been scanned
Scan process 'hkcmd.exe' - '31' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '45' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '51' Module(s) have been scanned
Scan process 'rundll32.exe' - '53' Module(s) have been scanned
Scan process 'sidebar.exe' - '84' Module(s) have been scanned
Scan process 'avgnt.exe' - '94' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '41' Module(s) have been scanned
Scan process 'obexsrv.exe' - '40' Module(s) have been scanned
Scan process 'avcenter.exe' - '106' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '15' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '40' Module(s) have been scanned
Scan process 'IntelMeFWService.exe' - '22' Module(s) have been scanned
Scan process 'jhi_service.exe' - '28' Module(s) have been scanned
Scan process 'LMS.exe' - '59' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '76' Module(s) have been scanned
Scan process 'avscan.exe' - '108' Module(s) have been scanned
Scan process 'WMIADAP.EXE' - '26' Module(s) have been scanned
Scan process 'firefox.exe' - '102' Module(s) have been scanned
Scan process 'vssvc.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '41' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '26' Module(s) have been scanned
Scan process 'wininit.exe' - '15' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'winlogon.exe' - '33' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '957' files ).


Starting the file scan:

Begin scan in 'C:\' <OS>
C:\swapfile.sys
  [WARNING]   The file could not be opened!
C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_Win8_64_12.7.0.1036\rstcli.exe
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
Begin scan in 'D:\' <DATA>

Beginning disinfection:
C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_Win8_64_12.7.0.1036\rstcli.exe
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '540a099b.qua'!


End of the scan: Mittwoch, 4. Dezember 2013  22:51
Used time: 52:59 Minute(s)

The scan has been done completely.

  33357 Scanned directories
 1025496 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      1 Files cannot be scanned
 1025494 Files not concerned
   5545 Archives were scanned
      1 Warnings
      1 Notes
     97 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
Afterwards, following the forum guide, I ran a quick scan with Malwarebytes Anti-Malware. This turned up other detections, which I moved to quarantine.

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.04.09

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16438
BABA :: BAKA [Administrator]

04.12.2013 22:58:41
MBAM-log-2013-12-04 (23-01-21).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 225463
Laufzeit: 2 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\BABA\AppData\Local\Temp\AskPIP_FF_.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt.
C:\Users\BABA\Downloads\SoftonicDownloader_fuer_format-factory.exe (PUP.Optional.Softonic.A) -> Keine Aktion durchgeführt.

(Ende)
         
After that I ran another quick scan. This time without any further reports.

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.04.09

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16438
BABA :: BAKA [Administrator]

04.12.2013 23:07:30
mbam-log-2013-12-04 (23-07-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 352490
Laufzeit: 12 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
After that I adjusted the Avira Antivirus settings according to http://www.trojaner-board.de/54192-a...tellungen.html and ran another clean scan.

Code:
Avira Free Antivirus
Report file date: Donnerstag, 5. Dezember 2013  18:19


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows 8.1
Windows version : (plain)  [6.2.9200]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : BAKA

Version information:
BUILD.DAT       : 14.0.1.759     55393 Bytes  26.11.2013 12:19:00
AVSCAN.EXE      : 14.0.1.645   1030712 Bytes  31.10.2013 18:25:19
AVSCANRC.DLL    : 14.0.1.641     52280 Bytes  31.10.2013 18:25:19
LUKE.DLL        : 14.0.1.641     65080 Bytes  31.10.2013 18:25:40
AVSCPLR.DLL     : 14.0.1.641    124472 Bytes  31.10.2013 18:25:19
AVREG.DLL       : 14.0.1.641    250424 Bytes  31.10.2013 18:25:19
avlode.dll      : 14.0.1.681    517176 Bytes  31.10.2013 18:25:19
avlode.rdf      : 13.0.1.48      27867 Bytes  16.11.2013 21:17:22
VBASE000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 18:25:41
VBASE001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 18:25:41
VBASE002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 18:25:41
VBASE003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 18:25:41
VBASE004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 18:25:41
VBASE005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 18:25:41
VBASE006.VDF    : 7.11.103.230  2293248 Bytes  24.09.2013 18:25:41
VBASE007.VDF    : 7.11.116.38  5485568 Bytes  28.11.2013 12:49:20
VBASE008.VDF    : 7.11.116.39     2048 Bytes  28.11.2013 12:49:20
VBASE009.VDF    : 7.11.116.40     2048 Bytes  28.11.2013 12:49:20
VBASE010.VDF    : 7.11.116.41     2048 Bytes  28.11.2013 12:49:20
VBASE011.VDF    : 7.11.116.42     2048 Bytes  28.11.2013 12:49:20
VBASE012.VDF    : 7.11.116.43     2048 Bytes  28.11.2013 12:49:20
VBASE013.VDF    : 7.11.116.44     2048 Bytes  28.11.2013 12:49:20
VBASE014.VDF    : 7.11.116.195   149504 Bytes  30.11.2013 12:49:20
VBASE015.VDF    : 7.11.117.180   271872 Bytes  04.12.2013 20:25:32
VBASE016.VDF    : 7.11.117.181     2048 Bytes  04.12.2013 20:25:32
VBASE017.VDF    : 7.11.117.182     2048 Bytes  04.12.2013 20:25:33
VBASE018.VDF    : 7.11.117.183     2048 Bytes  04.12.2013 20:25:33
VBASE019.VDF    : 7.11.117.184     2048 Bytes  04.12.2013 20:25:34
VBASE020.VDF    : 7.11.117.185     2048 Bytes  04.12.2013 20:25:36
VBASE021.VDF    : 7.11.117.186     2048 Bytes  04.12.2013 20:25:36
VBASE022.VDF    : 7.11.117.187     2048 Bytes  04.12.2013 20:25:36
VBASE023.VDF    : 7.11.117.188     2048 Bytes  04.12.2013 20:25:36
VBASE024.VDF    : 7.11.117.189     2048 Bytes  04.12.2013 20:25:36
VBASE025.VDF    : 7.11.117.190     2048 Bytes  04.12.2013 20:25:36
VBASE026.VDF    : 7.11.117.191     2048 Bytes  04.12.2013 20:25:37
VBASE027.VDF    : 7.11.117.192     2048 Bytes  04.12.2013 20:25:37
VBASE028.VDF    : 7.11.117.193     2048 Bytes  04.12.2013 20:25:37
VBASE029.VDF    : 7.11.117.194     2048 Bytes  04.12.2013 20:25:37
VBASE030.VDF    : 7.11.117.195     2048 Bytes  04.12.2013 20:25:37
VBASE031.VDF    : 7.11.117.248   186880 Bytes  05.12.2013 17:16:49
Engine version  : 8.2.12.158
AEVDF.DLL       : 8.1.3.4       102774 Bytes  31.10.2013 18:25:18
AESCRIPT.DLL    : 8.1.4.172     520574 Bytes  03.12.2013 19:13:00
AESCN.DLL       : 8.1.10.4      131446 Bytes  31.10.2013 18:25:18
AESBX.DLL       : 8.2.16.26    1245560 Bytes  31.10.2013 18:25:18
AERDL.DLL       : 8.2.0.138     704888 Bytes  03.12.2013 19:12:59
AEPACK.DLL      : 8.3.3.6       762232 Bytes  03.12.2013 19:12:59
AEOFFICE.DLL    : 8.1.2.76      205181 Bytes  31.10.2013 18:25:18
AEHEUR.DLL      : 8.1.4.790    6328698 Bytes  03.12.2013 19:12:58
AEHELP.DLL      : 8.1.27.10     266618 Bytes  23.11.2013 12:01:45
AEGEN.DLL       : 8.1.7.20      446839 Bytes  16.11.2013 21:17:17
AEEXP.DLL       : 8.4.1.114     381304 Bytes  23.11.2013 12:01:47
AEEMU.DLL       : 8.1.3.2       393587 Bytes  31.10.2013 18:25:18
AECORE.DLL      : 8.1.32.2      201081 Bytes  16.11.2013 21:17:16
AEBB.DLL        : 8.1.1.4        53619 Bytes  31.10.2013 18:25:18
AVWINLL.DLL     : 14.0.1.641     23608 Bytes  31.10.2013 18:25:19
AVPREF.DLL      : 14.0.1.641     48696 Bytes  31.10.2013 18:25:19
AVREP.DLL       : 14.0.1.641    175672 Bytes  31.10.2013 18:25:19
AVARKT.DLL      : 14.0.1.641    257080 Bytes  31.10.2013 18:25:18
AVEVTLOG.DLL    : 14.0.1.641    165944 Bytes  31.10.2013 18:25:18
SQLITE3.DLL     : 3.7.0.1       394808 Bytes  31.10.2013 18:25:40
AVSMTP.DLL      : 14.0.1.641     60472 Bytes  31.10.2013 18:25:19
NETNT.DLL       : 14.0.1.641     13368 Bytes  31.10.2013 18:25:40
RCIMAGE.DLL     : 14.0.1.641   4788792 Bytes  31.10.2013 18:25:40
RCTEXT.DLL      : 14.0.1.641     66616 Bytes  31.10.2013 18:25:40

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Donnerstag, 5. Dezember 2013  18:19

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.
Error in ARK library

The scan of running processes will be started:
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '86' Module(s) have been scanned
Scan process 'dwm.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '188' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'svchost.exe' - '104' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'WLANExt.exe' - '78' Module(s) have been scanned
Scan process 'conhost.exe' - '12' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '15' Module(s) have been scanned
Scan process 'spoolsv.exe' - '69' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'InsOnSrv.exe' - '36' Module(s) have been scanned
Scan process 'AsusWSWinService.exe' - '54' Module(s) have been scanned
Scan process 'DptfParticipantProcessorService.exe' - '17' Module(s) have been scanned
Scan process 'dashost.exe' - '48' Module(s) have been scanned
Scan process 'DptfPolicyConfigTDPService.exe' - '17' Module(s) have been scanned
Scan process 'DptfPolicyCriticalService.exe' - '17' Module(s) have been scanned
Scan process 'DptfPolicyLpmService.exe' - '17' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '26' Module(s) have been scanned
Scan process 'ibtrksrv.exe' - '29' Module(s) have been scanned
Scan process 'iSCTAgent.exe' - '93' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '37' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '75' Module(s) have been scanned
Scan process 'BrcmSetSecurity.exe' - '50' Module(s) have been scanned
Scan process 'unsecapp.exe' - '23' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '49' Module(s) have been scanned
Scan process 'HControl.exe' - '43' Module(s) have been scanned
Scan process 'InsOnWMI.exe' - '49' Module(s) have been scanned
Scan process 'BatteryLife.exe' - '48' Module(s) have been scanned
Scan process 'taskhostex.exe' - '55' Module(s) have been scanned
Scan process 'ACMON.exe' - '53' Module(s) have been scanned
Scan process 'ColorUService.exe' - '54' Module(s) have been scanned
Scan process 'AsPatchTouchPanel64.exe' - '27' Module(s) have been scanned
Scan process 'KBFiltr.exe' - '23' Module(s) have been scanned
Scan process 'Explorer.EXE' - '221' Module(s) have been scanned
Scan process 'JpnIME.exe' - '30' Module(s) have been scanned
Scan process 'AsusTPLoader.exe' - '41' Module(s) have been scanned
Scan process 'QuickGesture64.exe' - '31' Module(s) have been scanned
Scan process 'QuickGesture.exe' - '36' Module(s) have been scanned
Scan process 'igfxpers.exe' - '34' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'ATKOSD2.exe' - '40' Module(s) have been scanned
Scan process 'DMedia.exe' - '37' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '91' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '72' Module(s) have been scanned
Scan process 'skydrive.exe' - '89' Module(s) have been scanned
Scan process 'AsusTPHelper.exe' - '19' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '72' Module(s) have been scanned
Scan process 'DptfPolicyLpmServiceHelper.exe' - '19' Module(s) have been scanned
Scan process 'igfxtray.exe' - '33' Module(s) have been scanned
Scan process 'hkcmd.exe' - '31' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '45' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '51' Module(s) have been scanned
Scan process 'rundll32.exe' - '53' Module(s) have been scanned
Scan process 'sidebar.exe' - '90' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '41' Module(s) have been scanned
Scan process 'obexsrv.exe' - '40' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '15' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '40' Module(s) have been scanned
Scan process 'IntelMeFWService.exe' - '22' Module(s) have been scanned
Scan process 'jhi_service.exe' - '28' Module(s) have been scanned
Scan process 'LMS.exe' - '59' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '78' Module(s) have been scanned
Scan process 'LiveComm.exe' - '114' Module(s) have been scanned
Scan process 'TabTip.exe' - '51' Module(s) have been scanned
Scan process 'TabTip32.exe' - '22' Module(s) have been scanned
Scan process 'firefox.exe' - '120' Module(s) have been scanned
Scan process 'LiveUpdate.exe' - '105' Module(s) have been scanned
Scan process 'wwahost.exe' - '109' Module(s) have been scanned
Scan process 'glcnd.exe' - '75' Module(s) have been scanned
Scan process 'AsusTPCenter.exe' - '46' Module(s) have been scanned
Scan process 'sched.exe' - '58' Module(s) have been scanned
Scan process 'avguard.exe' - '99' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'avgnt.exe' - '95' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '54' Module(s) have been scanned
Scan process 'avcenter.exe' - '93' Module(s) have been scanned
Scan process 'avscan.exe' - '108' Module(s) have been scanned
Scan process 'vssvc.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '31' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '26' Module(s) have been scanned
Scan process 'wininit.exe' - '15' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'winlogon.exe' - '36' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '957' files ).


Starting the file scan:

Begin scan in 'C:\' <OS>
C:\swapfile.sys
  [WARNING]   The file could not be opened!
Begin scan in 'D:\' <DATA>


End of the scan: Donnerstag, 5. Dezember 2013  19:20
Used time:  1:00:05 Hour(s)

The scan has been done completely.

  33403 Scanned directories
 1028133 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      1 Files cannot be scanned
 1028132 Files not concerned
   5643 Archives were scanned
      1 Warnings
      0 Notes
     98 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
How can I find out whether my computer is still infected?
What should I do with the files in quarantine?

Thanks in advance!

Edited by NegaNo (05.12.2013 at 19:24). Reason: typo

 
