Removing Trojan TR/Crypt. Gen (kleio)

Hi. I caught the virus TR/Crypt. Here is my log file: Logfile of Trend Micro HijackThis v. 2. 0. 2. Scan saved at 1.

Removing Trojan TR/Crypt.xpack.Gen. Hi. I caught the virus TR/Crypt.xpack.gen and could use tips on how to get rid of it.

C:\programme\panda software\panda internet security 2007\firewall\PNMSRV.EXE O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.

What is HControl.exe? The .exe extension on a filename indicates an executable file. Executable files may, in some cases, harm your computer. Therefore, please read below to decide for yourself whether the HControl.exe on.

Welcome to TechSpot, Chris! ak.exe.imgfarm is part of the name of a website for images. I note it has FunWebProducts which is a straight road to the MyWebSearch Malware. If your system is.

HControl.exe file information. The process belongs to the software ATK0100 or ATK Hotkey or ATK Package or ASUS HControl from the company ATK0100 or ASUSTek Computer (www.asus.com) or ASUS (www.asus.com) or ASUSTeK COMPUTER.

Should I block HControl.exe? (145c1889d985ab4f508e4bc7b1df7441) hcontrol.exe executes as a process with the local user's privileges typically within the context of its parent <a href="/asldrsrv.exe-16819.

Platform: Windows XP SP2 (Win. NT 5. 0. 1. 2. 60. MSIE: Internet Explorer v. SP2 (6. 0. 0. 2. 90.

Information about the file HControl.exe. The process belongs to the software ATK0100 or ATK Hotkey or ATK Package or ASUS HControl or Windows Update from ATK0100 or ASUS (www.asus.com) or ASUSTeK COMPUTER INC (www.asus.com) or ASUSTek.

HControl.exe is loaded in the all users (HKLM) registry as a startup file name 'HControl' which loads as 'C:\Program Files\ASUS\ATK Hotkey\HControl.exe'.
HControlUser.exe is loaded in the all users (HKLM) registry as a startup.

Hello, I need your help. Attached after the explanations: HijackThis. 1) AVIRA ANTIVIR detected the following problems: - TR/Dropper.gen, TR/crypt.XPACK and TR/Crypt.XPACK.gen2, TR/crypt.ULFM.gen - AUTORUN.INF blocked by.
I ran a virus scan early this morning and there was nothing yet. In the afternoon I opened Facebook, and suddenly a virus scanner alert appeared and a browser window opened, posing as a virus scan. I clicked it away immediately, but it was probably too late. Afterwards I had AntiVir run a scan, and by then the Trojan was already there. Please help. Thanks.