Forum section: Plagegeister aller Art und deren Bekämpfung (pests of all kinds and their removal)
Thread: tr/agent.83648 and others such as TR/Crypt found (Windows 7)
14.10.2014, 13:58 | #16
/// the machine /// TB-Ausbilder:
Have a look here: How can I remove the "Windows.old" folder? Then please post a fresh FRST logfile.
__________________
Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donations | Guides and help | Trojaner-Board Facebook page | No help via PM!
14.10.2014, 14:14 | #17
I did everything exactly as described, and the windows.old folders are still there! (I still can't delete them either.)

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02 Ran by Tim (administrator) on TIM-PC on 14-10-2014 15:06:08 Running from C:\Users\Tim\Desktop Loaded Profile: Tim (Available profiles: Tim) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Users\Tim\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Akamai Technologies, Inc.) C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Akamai Technologies, Inc.) C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Google Inc.) C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-55065230-3091527404-1719944264-1000\...\Run: [Amazon Cloud Player] => C:\Users\Tim\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-55065230-3091527404-1719944264-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation) HKU\S-1-5-21-55065230-3091527404-1719944264-1000\...\Run: [Spotify] => C:\Users\Tim\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-02] (Spotify Ltd) HKU\S-1-5-21-55065230-3091527404-1719944264-1000\...\Run: [Spotify Web Helper] => C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-02] (Spotify Ltd) HKU\S-1-5-21-55065230-3091527404-1719944264-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-55065230-3091527404-1719944264-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41EE424A6361CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=a10918-135&apn_uid=3558326840134419&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p14_serp_ff_de_display?ie=UTF8&tagbase=bds-p14&tag=bds-p14-serp-de-ff-21&tbrId=v1_abb-channel-14_824b8ec2eec444daa4e1bb35160161a6_16_37_20130721_DE_ff_ab_&query= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web 
Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Extension: LyricsFolder - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\Extensions\116 [2013-06-21] FF Extension: LyricsWoofer - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\Extensions\122 [2013-07-15] FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-06-17] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKCU\...\Firefox\Extensions: [{c052547f-f958-4865-852b-1a05276bead4}] - C:\Program Files (x86)\LyricsFolder\130.xpi FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\extensions\abb@amazon.com [Not Found] FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [Not Found] FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\extensions\snt@dotlabs.co.xpi [Not Found] FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l1k9i5ge.default\extensions\om@offermosquito.com.xpi [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR Profile: 
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-02-05] CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [lmgddjncmooacfihfmikfohkldcjjgml] - C:\Program Files (x86)\LyricsFolder\130.crx [] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-11-05] () [File not signed] R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-14] () R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8228240 2012-09-19] (Realtek Semiconductor Corp.) S1 ajycpdri; \??\C:\Windows\system32\drivers\ajycpdri.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 ddddhjup; \??\C:\Windows\system32\drivers\ddddhjup.sys [X] S3 dump_wmimmc; \??\C:\Program Files\Gpotato\Flyff\GameGuard\dump_wmimmc.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-14 15:06 - 2014-10-14 15:06 - 00018367 _____ () C:\Users\Tim\Desktop\FRST.txt 2014-10-13 22:54 - 2014-10-13 22:54 - 00000000 ____D () C:\Users\Tim\Desktop\FRST-OlderVersion 2014-10-12 14:30 - 2014-10-13 22:54 - 02110464 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe 2014-10-12 01:09 - 2014-10-12 01:09 - 00000219 _____ () C:\Users\Tim\Desktop\Team Fortress 2.url 2014-10-10 22:32 - 2014-10-10 22:31 - 00854417 _____ () C:\Users\Tim\Desktop\SecurityCheck.exe 2014-10-10 22:31 - 2014-10-10 22:31 - 00854417 _____ () C:\Users\Tim\Downloads\SecurityCheck.exe 2014-10-10 14:02 - 2014-10-10 14:02 - 02347384 _____ (ESET) C:\Users\Tim\Downloads\esetsmartinstaller_deu.exe 2014-10-09 18:15 - 2014-10-09 18:15 - 06099029 _____ () C:\Users\Tim\Downloads\ScamberZLauncher_1.3.9_Alpha.rar 2014-10-09 17:39 - 2014-10-09 17:39 - 00000000 ____D () C:\Windows\ERUNT 2014-10-09 17:22 - 2014-10-09 17:31 - 00000000 ____D () C:\AdwCleaner 2014-10-09 13:33 - 2014-10-09 13:33 - 01705755 _____ (Thisisu) C:\Users\Tim\Downloads\JRT.exe 2014-10-09 13:00 - 2014-10-09 13:00 - 01375089 _____ () C:\Users\Tim\Downloads\AdwCleaner_3.311.exe 2014-10-09 12:58 - 2014-10-09 13:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-09 12:58 - 2014-10-09 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-09 12:58 - 2014-10-09 12:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-09 12:58 - 2014-10-09 12:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-09 12:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-09 12:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-09 12:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-09 12:57 - 2014-10-09 12:57 - 17292760 _____ 
(Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.0.2.1012.exe 2014-10-08 17:49 - 2014-10-08 17:49 - 00069828 _____ () C:\ComboFix.txt 2014-10-08 17:34 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-08 17:34 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-08 17:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-08 17:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-08 17:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-08 17:34 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-08 17:34 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-08 17:34 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-08 17:31 - 2014-10-08 17:49 - 00000000 ____D () C:\Qoobox 2014-10-08 17:31 - 2014-10-08 17:47 - 00000000 ____D () C:\Windows\erdnt 2014-10-08 17:29 - 2014-10-08 17:29 - 00003254 _____ () C:\Windows\System32\Tasks\{A83988EB-3058-4914-8DF9-0FDF0FCA5B92} 2014-10-08 17:27 - 2014-10-08 17:29 - 05582481 _____ (Swearware) C:\Users\Tim\Downloads\ComboFix.exe 2014-10-08 17:18 - 2014-10-08 17:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-10-08 17:17 - 2014-10-08 17:17 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Tim\Downloads\revosetup95.exe 2014-10-07 20:18 - 2014-10-10 22:38 - 00041661 _____ () C:\Users\Tim\Downloads\FRST.txt 2014-10-07 20:18 - 2014-10-07 20:19 - 00038834 _____ () C:\Users\Tim\Downloads\Addition.txt 2014-10-07 20:17 - 2014-10-14 15:06 - 00000000 ____D () C:\FRST 2014-10-07 20:17 - 2014-10-07 20:17 - 02109952 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe 2014-10-07 18:12 - 2014-10-07 18:12 - 00000221 _____ () C:\Users\Tim\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url 2014-10-06 18:17 - 2014-10-06 18:17 - 00070352 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-06 18:16 - 2014-10-14 14:47 - 00004290 _____ () C:\Windows\setupact.log 2014-10-06 18:16 - 2014-10-11 13:34 - 00149614 _____ () C:\Windows\PFRO.log 2014-10-06 18:16 - 2014-10-06 18:16 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-05 21:48 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Wise Disk Cleaner 2014-10-05 21:48 - 2014-10-05 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner 2014-10-05 21:48 - 2014-10-05 21:48 - 00000000 ____D () C:\Program Files (x86)\Wise 2014-10-05 21:35 - 2014-10-05 21:35 - 00000000 ____D () C:\Users\Tim\Documents\FLiNGTrainer 2014-10-05 19:08 - 2014-10-05 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-04 23:30 - 2014-10-06 22:54 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\OBS 2014-10-04 23:30 - 2014-10-04 23:30 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2014-10-04 23:30 - 2014-10-04 23:30 - 00000000 ____D () C:\Program Files\OBS 2014-10-04 23:29 - 2014-10-04 23:39 - 00000000 ____D () C:\Users\Tim\Desktop\twitch 2014-10-04 20:34 - 2014-10-04 20:34 - 00000000 ____D () C:\Users\Tim\Documents\WB Games 2014-10-04 15:43 - 2014-10-04 15:43 - 00000222 _____ () C:\Users\Tim\Desktop\Middle-earth Shadow of Mordor.url 2014-09-30 19:18 - 2014-09-25 04:08 - 
00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 19:18 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-29 21:13 - 2014-09-29 21:13 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\StunlockStudios 2014-09-29 21:10 - 2014-09-29 21:10 - 00000000 ____D () C:\Users\Tim\Desktop\hack iss 2014-09-27 12:48 - 2014-09-27 12:48 - 00000222 _____ () C:\Users\Tim\Desktop\Dead Island Epidemic.url 2014-09-24 17:18 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 17:18 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-21 21:20 - 2014-09-21 21:21 - 00000000 ____D () C:\Users\Tim\AppData\Local\Akamai 2014-09-20 17:04 - 2014-09-20 17:04 - 00000222 _____ () C:\Users\Tim\Desktop\Scribblenauts Unmasked.url ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-14 15:05 - 2014-09-05 15:56 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-10-14 15:05 - 2014-01-23 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-10-14 15:05 - 2014-01-23 21:39 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-10-14 15:05 - 2013-10-04 16:34 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-14 15:05 - 2013-06-04 21:51 - 01183478 _____ () C:\Windows\WindowsUpdate.log 2014-10-14 15:04 - 2013-05-05 15:56 - 00000000 ____D () C:\Windows.old.000 2014-10-14 14:56 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-14 14:56 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-14 14:53 - 2014-07-18 22:58 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Spotify 2014-10-14 14:52 - 2013-06-17 18:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-14 14:49 - 2014-07-18 22:58 - 00000000 ____D () C:\Users\Tim\AppData\Local\Spotify 2014-10-14 14:48 - 2014-01-05 13:32 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi 2014-10-14 14:47 - 2013-06-05 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-14 14:47 - 2013-06-04 22:42 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-10-14 14:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-13 22:38 - 2013-06-04 22:21 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Skype 2014-10-13 22:31 - 2013-06-04 22:50 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-55065230-3091527404-1719944264-1000UA.job 2014-10-12 22:51 - 2013-08-01 22:17 - 00000000 ____D () C:\ProgramData\Origin 2014-10-12 16:31 - 2013-06-04 22:50 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-55065230-3091527404-1719944264-1000Core.job 2014-10-12 16:09 - 2013-08-01 22:17 - 00000000 ____D () 
C:\Program Files (x86)\Origin 2014-10-12 01:09 - 2014-06-14 22:58 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-10-09 20:03 - 2014-02-02 11:02 - 00000000 ____D () C:\Users\Tim\AppData\Local\Battle.net 2014-10-09 19:34 - 2014-02-02 11:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Battle.net 2014-10-09 19:17 - 2014-04-25 23:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-10-09 19:12 - 2014-02-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-10-09 17:31 - 2013-09-21 20:18 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2014-10-09 17:31 - 2013-06-05 15:36 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Common 2014-10-09 17:31 - 2013-06-04 22:11 - 00000000 ____D () C:\Users\Tim 2014-10-09 13:34 - 2014-06-08 18:45 - 00000000 ____D () C:\ProgramData\Supersoftware App 2014-10-09 12:58 - 2014-02-18 14:29 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-10-09 12:58 - 2014-01-23 21:39 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-10-09 12:58 - 2014-01-23 21:39 - 00119272 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-10-08 17:44 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-08 17:38 - 2013-06-20 16:10 - 00000000 ____D () C:\ProgramData\TEMP 2014-10-08 17:34 - 2013-06-04 22:59 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-10-05 21:56 - 2014-07-04 21:32 - 00000000 ____D () C:\Users\Tim\Tracing 2014-10-05 21:54 - 2014-02-05 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GoforFiles 2014-10-05 21:54 - 2013-12-07 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-10-05 21:54 - 2013-11-05 21:03 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive 2014-10-05 21:54 - 2013-11-01 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher 2014-10-05 21:54 - 2013-09-09 20:22 - 00000000 ____D () C:\Users\Tim\AppData\Local\CrashDumps 2014-10-05 21:54 - 2013-06-04 22:45 - 00000000 ____D () C:\Windows\Panther 2014-10-05 21:35 - 2014-08-07 23:43 - 00000000 ____D () C:\Users\Tim\Desktop\saveedit_r237 2014-10-05 19:08 - 2014-03-16 01:38 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-10-05 19:08 - 2013-06-04 22:41 - 00000000 ____D () C:\ProgramData\Skype 2014-10-05 19:08 - 2013-05-06 18:48 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-10-02 16:36 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-29 21:09 - 2014-06-03 18:40 - 00123392 ___SH () C:\Users\Tim\Desktop\Thumbs.db 2014-09-26 20:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-26 18:35 - 2013-10-29 15:24 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT 2014-09-26 17:45 - 2014-03-13 15:13 - 00001185 _____ () C:\Users\Public\Desktop\Titanfall.lnk 2014-09-23 20:52 - 2013-06-17 18:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-23 20:52 - 2013-06-17 18:43 - 00071344 _____ (Adobe 
Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-23 20:52 - 2013-06-17 18:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-21 12:54 - 2014-07-29 22:03 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft 2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\Tim\AppData\Local\Temp\avgnt.exe C:\Users\Tim\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe [2014-03-23 01:42] - [2011-08-19 17:39] - 2388992 ____A (Microsoft Corporation) 7A688948605A6E4261653E2B4D87F0B2 C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-12 13:38 ==================== End Of Log ============================ |
15.10.2014, 09:48 | #18
/// the machine /// TB-Ausbilder:
Please try deleting the folder in Safe Mode.
15.10.2014, 16:33 | #19
It still can't be deleted.
16.10.2014, 12:54 | #20
/// the machine /// TB-Ausbilder:
Please show me a screenshot of the Windows.old folder.