
Pests of all kinds and how to combat them: Getting rid of TR/CryptZPackGen?

05.12.2009, 13:56   #1
markusm2710
 
Getting rid of TR/CryptZPackGen?



Hello,
I recently caught a Trojan of type TR/CryptZPackGen.
Now, about every 4 minutes, the AVIRA program reports a virus detection.
I noticed that the virus shows up in the same folder every time, C:\Windows\Temp\; for example, it then says:
C:\Windows\Temp\uphd.tmp\svchost.exe

I have now followed rule point 2 of the Trojaner-Board
and created the scan reports.

After the program random's system information tool had finished, the instruction to perform a restart appeared.
After that, Windows Vista was restarted, and the message that C:\boot is defective appeared.

I would be glad if someone here knew what should be done now.

Kind regards, Markus



Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3299
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

05.12.2009 13:01:10
mbam-log-2009-12-05 (13-01-10).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 307762
Laufzeit: 52 minute(s), 56 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Standpc\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.


_______________________________________________


info.txt logfile of random's system information tool 1.06 2009-12-05 13:16:29

======Uninstall list======

32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Acer Arcade Live Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe" -uninstall
Acer DV Magician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\Setup.exe" -uninstall
Acer GameZone Console DTV 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer HomeMedia Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\Setup.exe" -uninstall
Acer HomeMedia Trial Creator-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B580C409-E16F-44FF-904D-3AE94E113BE0}\Setup.exe" -uninstall
Acer HomeMedia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer SlideShow DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\SETUP.EXE" -uninstall
Acer VideoMagician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\Setup.exe" -uninstall
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A92000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AV Input Selection-->MsiExec.exe /X{DEB38E1A-F4E5-4DF0-96F4-4050567A9D09}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Dassault Systemes Software B19-->"D:\Program Files\Dassault Systemes\B19\intel_a\code\bin\Uninstall.exe" "D:\Program Files\Dassault Systemes\B19" "CODE" "GUI" "B19" "0"
Dassault Systemes Software Prerequisites x86-->MsiExec.exe /X{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 8.0-->C:\Program Files\HP\Digital Imaging\{24557DC0-0839-496f-82F9-C4EB72EFE4FA}\setup\hpzscr01.exe -datfile hposcr12.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
ITECIR Driver-->C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.exe -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft LifeCam-->MsiExec.exe /X{726DBFE3-BE2B-4FFA-9787-D6495765CFD2}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4D17-9E7F-6B3FF8D9BBE3}
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Rocket-->C:\Program Files\MP3 Rocket\Uninstall.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst
NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x0407
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1031 CDM7
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PixiePack Codec Pack-->MsiExec.exe /I{9C450606-ED24-4958-92BA-B8940C99D441}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Sweet Home 3D version 2.0-->"C:\Program Files\Sweet Home 3D\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live Toolbar-->MsiExec.exe /X{70B7A167-0B88-445D-A3EA-97C73AA88CAC}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows-Treiberpaket - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2)-->C:\PROGRA~1\DIFX\F46A63020E122F0A\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\itecir.inf_709ef2e8\itecir.inf

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Standpc-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB970653(Update) in den Status Installiert(Installed) setzen zu können.
Record Number: 74238
Source Name: Microsoft-Windows-Servicing
Time Written: 20090914115226.000000-000
Event Type: Warnung
User: Standpc-PC\Standpc

Computer Name: Standpc-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB970653(Update) in den Status Installiert(Installed) setzen zu können.
Record Number: 74237
Source Name: Microsoft-Windows-Servicing
Time Written: 20090914115226.000000-000
Event Type: Warnung
User: Standpc-PC\Standpc

Computer Name: Standpc-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB970653(Update) in den Status Installiert(Installed) setzen zu können.
Record Number: 74236
Source Name: Microsoft-Windows-Servicing
Time Written: 20090914115226.000000-000
Event Type: Warnung
User: Standpc-PC\Standpc

Computer Name: Standpc-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB970653(Update) in den Status Installation angefordert(Install Requested) setzen zu können.
Record Number: 74235
Source Name: Microsoft-Windows-Servicing
Time Written: 20090914115226.000000-000
Event Type: Warnung
User: Standpc-PC\Standpc

Computer Name: Standpc-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB970653(Update) in den Status Installation angefordert(Install Requested) setzen zu können.
Record Number: 74234
Source Name: Microsoft-Windows-Servicing
Time Written: 20090914115226.000000-000
Event Type: Warnung
User: Standpc-PC\Standpc

=====Application event log=====

Computer Name: WIN-R2NWMX80J96
Event Code: 1532
Message: Das Benutzerprofil wurde angehalten


Record Number: 915
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20080917055238.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: WIN-R2NWMX80J96
Event Code: 6000
Message: Der Winlogon-Benachrichtigungsabonnent <SessionEnv> war nicht verfügbar, um das Benachrichtigungsereignis zu verarbeiten.
Record Number: 914
Source Name: Microsoft-Windows-Winlogon
Time Written: 20080917055238.000000-000
Event Type: Informationen
User:

Computer Name: WIN-R2NWMX80J96
Event Code: 9009
Message: Der Desktopfenster-Manager wurde mit dem Code (0x40010004) abgebrochen.
Record Number: 913
Source Name: Desktop Window Manager
Time Written: 20080917055237.000000-000
Event Type: Informationen
User:

Computer Name: WIN-R2NWMX80J96
Event Code: 0
Message: Der Dienst wurde beendet.
Record Number: 912
Source Name: ALaunchService
Time Written: 20080917055222.000000-000
Event Type: Informationen
User:

Computer Name: WIN-R2NWMX80J96
Event Code: 1013
Message: Der Windows-Suchdienst wurde normal beendet.

Record Number: 911
Source Name: Microsoft-Windows-Search
Time Written: 20080917055215.000000-000
Event Type: Informationen
User:

=====Security event log=====

Computer Name: Standpc-PC
Event Code: 4616
Message: Die Systemzeit wurde geändert.

Antragsteller:
Sicherheits-ID: S-1-5-19
Kontoname: LOKALER DIENST
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e5

Prozessinformationen:
Prozess-ID: 0x4dc
Name: C:\Windows\System32\svchost.exe

Vorherige Zeit: 14:19:18 15.11.2008
Neue Zeit: 14:19:18 15.11.2008

Dieses Ereignis wird generiert, wenn die Systemzeit geändert wird. Es ist normal, dass der mit Systemberechtigung ausgeführte Windows-Zeitdienst die Systemzeit regelmäßig ändert. Andere Änderungen der Systemzeit können darauf hinweisen, dass der Computer manipuliert wird.
Record Number: 2418
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081115131919.071000-000
Event Type: Überwachung erfolgreich
User:

Computer Name: Standpc-PC
Event Code: 1100
Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren.
Record Number: 2417
Source Name: Microsoft-Windows-Eventlog
Time Written: 20081115131920.679000-000
Event Type: Überwachung erfolgreich
User:

Computer Name: Standpc-PC
Event Code: 4647
Message: Benutzerinitiierte Abmeldung:

Antragsteller:
Sicherheits-ID: S-1-5-21-1329758648-3248927420-855977625-1000
Kontoname: Standpc
Kontodomäne: Standpc-PC
Anmelde-ID: 0x36dda

Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird, aber die Anzahl der Tokenreferenzen nicht Null ist und die Anmeldesitzung nicht zerstört werden kann. Es kann keiner Benutzerinitiierte Aktion erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden.
Record Number: 2416
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081115131915.972515-000
Event Type: Überwachung erfolgreich
User:

Computer Name: Standpc-PC
Event Code: 4634
Message: Ein Konto wurde abgemeldet.

Antragsteller:
Sicherheits-ID: S-1-5-7
Kontoname: ANONYMOUS-ANMELDUNG
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x137a09

Anmeldetyp: 3

Dieses Ereignis wird generiert, wenn eine Anmeldesitzung zerstört wird. Es kann anhand des Wertes der Anmelde-ID positiv mit einem Anmeldeereignis korreliert werden. Anmelde-IDs sind nur zwischen Neustarts auf demselben Computer eindeutig.
Record Number: 2415
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081115123608.822515-000
Event Type: Überwachung erfolgreich
User:

Computer Name: Standpc-PC
Event Code: 4634
Message: Ein Konto wurde abgemeldet.

Antragsteller:
Sicherheits-ID: S-1-5-7
Kontoname: ANONYMOUS-ANMELDUNG
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x1379fc

Anmeldetyp: 3

Dieses Ereignis wird generiert, wenn eine Anmeldesitzung zerstört wird. Es kann anhand des Wertes der Anmelde-ID positiv mit einem Anmeldeereignis korreliert werden. Anmelde-IDs sind nur zwischen Neustarts auf demselben Computer eindeutig.
Record Number: 2414
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081115123608.818515-000
Event Type: Überwachung erfolgreich
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



Logfile of random's system information tool 1.06 (written by random/random)
Run by Standpc at 2009-12-05 13:16:21
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 119 GB (81%) free of 148 GB
Total RAM: 1791 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:16:27, on 05.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Standpc\Downloads\RSIT(2).exe
C:\Program Files\Trend Micro\HijackThis\Standpc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [photo_id] C:\Windows\system32\config\systemprofile\photo_id.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [photo_id] C:\Windows\system32\config\systemprofile\photo_id.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acer HomeMedia Connect Service - Unknown owner - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: eRecovery Service (eRecoveryService) - Unknown owner - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (file missing)
O23 - Service: Google Update Service (gupdate1ca09e58d43ebea) (gupdate1ca09e58d43ebea) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 6302 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Driver Robot.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1329758648-3248927420-855977625-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1329758648-3248927420-855977625-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{78A62D8A-6B5E-41AC-B252-081C92121E44}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-09-01 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"eRecoveryService"= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
" Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-12-03 1394000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioCDClass]
regsvr32 /s /u C:\Users\Standpc\AppData\Local\AudioCD\AudioCDClass.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeploymentToolkit]
regsvr32 /s /u C:\Users\Standpc\AppData\Local\Deployment\DeploymentToolkit.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Standpc\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-15 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveContact]
regsvr32 /s /u C:\Users\Standpc\AppData\Local\Groove\GrooveContact.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\photo_id]
C:\Windows\system32\photo_id.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32]
C:\Windows\system32\regedit.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-06-20 4493312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TabletManagerClass]
regsvr32 /s /u C:\Users\Standpc\AppData\Local\TabletManager\TabletManagerClass.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TipTsfDataClass]
regsvr32 /s /u C:\Users\Standpc\AppData\Local\TipTsfData\TipTsfDataClass.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-09-01 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
C:\Windows\vVX1000.exe [2007-04-10 709992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b30c68b-bae0-11de-b51e-001fe23b0784}]
shell\AutoRun\command - F:\s3ek.exe
shell\open\command - F:\s3ek.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f8b99ab-8420-11de-a76a-001fe23b0784}]
shell\AutoRun\command - F:\LaunchU3.exe -a


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-05 13:16:21 ----D---- C:\rsit
2009-12-05 11:21:47 ----D---- C:\Users\Standpc\AppData\Roaming\Malwarebytes
2009-12-05 11:21:41 ----D---- C:\ProgramData\Malwarebytes
2009-12-05 11:21:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-04 23:41:42 ----D---- C:\Program Files\Trend Micro
2009-12-04 11:05:38 ----D---- C:\Windows\Downloaded Installations
2009-11-30 20:54:22 ----D---- C:\Program Files\ATI Technologies
2009-11-30 20:36:17 ----D---- C:\Program Files\ATI
2009-11-25 20:15:22 ----D---- C:\Users\Standpc\AppData\Roaming\K-Meleon
2009-11-25 02:17:40 ----A---- C:\Windows\system32\tzres.dll
2009-11-24 23:08:21 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 23:08:20 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 22:52:05 ----D---- C:\Users\Standpc\AppData\Roaming\Blitware
2009-11-23 21:10:55 ----D---- C:\ATI
2009-11-23 19:13:30 ----D---- C:\Program Files\Common Files\Adobe
2009-11-23 19:13:30 ----D---- C:\Program Files\Adobe
2009-11-22 13:19:58 ----D---- C:\Users\Standpc\AppData\Roaming\WinRAR
2009-11-19 14:37:28 ----D---- C:\Program Files\Common Files\Autodata Limited Shared
2009-11-18 09:48:15 ----D---- C:\ProgramData\DassaultSystemes
2009-11-18 09:48:14 ----D---- C:\Users\Standpc\AppData\Roaming\DassaultSystemes
2009-11-17 17:03:20 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 15:57:35 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 15:57:34 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 15:57:34 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 15:57:16 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 15:57:15 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 15:57:14 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 15:57:14 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 15:57:14 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 15:57:13 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 15:56:56 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 15:56:56 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 15:56:56 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 15:56:53 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 15:56:52 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 15:56:52 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 15:56:51 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 15:55:50 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 15:55:49 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 15:55:49 ----A---- C:\Windows\system32\oleacc.dll
2009-11-14 12:51:42 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-14 12:51:21 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-11-14 12:50:50 ----D---- C:\Program Files\Microsoft Sync Framework
2009-11-14 12:49:56 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-11-14 12:49:28 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-11-14 12:49:01 ----D---- C:\Program Files\Microsoft
2009-11-12 11:12:15 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-11 21:10:27 ----D---- C:\ProgramData\Autodata Limited
2009-11-06 10:40:16 ----A---- C:\Windows\system32\wups2.dll
2009-11-06 10:40:16 ----A---- C:\Windows\system32\wuauclt.exe
2009-11-06 10:40:15 ----A---- C:\Windows\system32\wucltux.dll
2009-11-06 10:40:15 ----A---- C:\Windows\system32\wuaueng.dll
2009-11-06 10:39:56 ----A---- C:\Windows\system32\wups.dll
2009-11-06 10:39:56 ----A---- C:\Windows\system32\wudriver.dll
2009-11-06 10:39:56 ----A---- C:\Windows\system32\wuapi.dll

======List of files/folders modified in the last 1 months======

2009-12-05 13:16:22 ----D---- C:\Windows\Temp
2009-12-05 13:14:42 ----D---- C:\Windows\Tasks
2009-12-05 13:11:40 ----D---- C:\Windows
2009-12-05 13:05:37 ----D---- C:\Windows\system32\drivers
2009-12-05 13:04:31 ----D---- C:\Windows\L2Schemas
2009-12-05 11:21:41 ----RD---- C:\Program Files
2009-12-05 11:21:41 ----HD---- C:\ProgramData
2009-12-05 11:21:26 ----D---- C:\Windows\Prefetch
2009-12-05 11:10:18 ----SHD---- C:\System Volume Information
2009-12-05 10:53:15 ----D---- C:\Windows\System32
2009-12-05 10:53:15 ----D---- C:\Windows\inf
2009-12-05 10:53:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-05 00:13:24 ----D---- C:\Users\Standpc\AppData\Roaming\BitTorrent
2009-12-04 12:05:16 ----SHD---- C:\Windows\Installer
2009-12-04 12:04:55 ----HD---- C:\Config.Msi
2009-12-04 12:04:55 ----D---- C:\Windows\system32\catroot
2009-12-04 12:04:52 ----D---- C:\Program Files\Common Files
2009-12-04 09:37:52 ----D---- C:\Program Files\Google
2009-12-01 10:39:50 ----D---- C:\Windows\system32\catroot2
2009-11-30 20:09:59 ----D---- C:\PerfLogs
2009-11-29 11:11:46 ----D---- C:\Users\Standpc\AppData\Roaming\MP3Rocket
2009-11-29 11:07:02 ----D---- C:\Program Files\MP3 Rocket
2009-11-25 13:07:15 ----D---- C:\Users\Standpc\AppData\Roaming\Image Zone Express
2009-11-25 11:21:28 ----D---- C:\Windows\rescache
2009-11-25 02:18:17 ----D---- C:\Windows\winsxs
2009-11-25 02:18:06 ----D---- C:\Windows\system32\de-DE
2009-11-23 22:52:06 ----D---- C:\Windows\system32\Tasks
2009-11-23 22:30:55 ----SD---- C:\Users\Standpc\AppData\Roaming\Microsoft
2009-11-23 22:15:33 ----D---- C:\Windows\pss
2009-11-23 20:06:26 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-23 20:02:23 ----D---- C:\ProgramData\Adobe
2009-11-19 14:38:45 ----A---- C:\Windows\win.ini
2009-11-18 10:04:50 ----RSD---- C:\Windows\Fonts
2009-11-18 09:55:02 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-18 09:54:59 ----D---- C:\Program Files\Microsoft Office
2009-11-17 17:03:20 ----D---- C:\Windows\system32\wbem
2009-11-17 17:03:17 ----D---- C:\Windows\system32\uk-UA
2009-11-17 17:03:17 ----D---- C:\Windows\system32\pt-PT
2009-11-17 17:03:17 ----D---- C:\Windows\system32\pt-BR
2009-11-17 17:03:17 ----D---- C:\Windows\system32\pl-PL
2009-11-17 17:03:17 ----D---- C:\Windows\system32\ko-KR
2009-11-17 17:03:17 ----D---- C:\Windows\system32\it-IT
2009-11-17 17:03:17 ----D---- C:\Windows\system32\he-IL
2009-11-17 17:03:17 ----D---- C:\Windows\system32\bg-BG
2009-11-17 17:03:16 ----D---- C:\Windows\system32\zh-TW
2009-11-17 17:03:16 ----D---- C:\Windows\system32\zh-HK
2009-11-17 17:03:16 ----D---- C:\Windows\system32\zh-CN
2009-11-17 17:03:16 ----D---- C:\Windows\system32\tr-TR
2009-11-17 17:03:16 ----D---- C:\Windows\system32\th-TH
2009-11-17 17:03:16 ----D---- C:\Windows\system32\sv-SE
2009-11-17 17:03:16 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 17:03:16 ----D---- C:\Windows\system32\sl-SI
2009-11-17 17:03:16 ----D---- C:\Windows\system32\sk-SK
2009-11-17 17:03:16 ----D---- C:\Windows\system32\ru-RU
2009-11-17 17:03:16 ----D---- C:\Windows\system32\ro-RO
2009-11-17 17:03:16 ----D---- C:\Windows\system32\nl-NL
2009-11-17 17:03:16 ----D---- C:\Windows\system32\lv-LV
2009-11-17 17:03:16 ----D---- C:\Windows\system32\lt-LT
2009-11-17 17:03:16 ----D---- C:\Windows\system32\ja-JP
2009-11-17 17:03:16 ----D---- C:\Windows\system32\hu-HU
2009-11-17 17:03:16 ----D---- C:\Windows\system32\hr-HR
2009-11-17 17:03:16 ----D---- C:\Windows\system32\fr-FR
2009-11-17 17:03:16 ----D---- C:\Windows\system32\fi-FI
2009-11-17 17:03:16 ----D---- C:\Windows\system32\et-EE
2009-11-17 17:03:16 ----D---- C:\Windows\system32\es-ES
2009-11-17 17:03:16 ----D---- C:\Windows\system32\el-GR
2009-11-17 17:03:16 ----D---- C:\Windows\system32\cs-CZ
2009-11-17 17:03:16 ----D---- C:\Windows\system32\ar-SA
2009-11-17 17:03:15 ----D---- C:\Windows\system32\nb-NO
2009-11-17 17:03:15 ----D---- C:\Windows\system32\en-US
2009-11-17 17:03:15 ----D---- C:\Windows\system32\da-DK
2009-11-14 12:51:22 ----D---- C:\Program Files\Common Files\System
2009-11-14 12:51:11 ----D---- C:\Program Files\Windows Live
2009-11-14 12:50:40 ----SD---- C:\ProgramData\Microsoft
2009-11-14 12:49:29 ----RSD---- C:\Windows\assembly
2009-11-13 18:17:20 ----D---- C:\Users\Standpc\AppData\Roaming\dvdcss
2009-11-12 13:26:00 ----D---- C:\Windows\Debug
2009-11-12 13:23:45 ----D---- C:\Program Files\Windows Mail
2009-11-12 13:22:46 ----D---- C:\ProgramData\Microsoft Help
2009-11-08 14:54:23 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2007-04-24 16688]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-30 1184768]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-09-30 4450816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-22 1788056]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-04-11 6144]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2007-05-14 135400]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
S2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 xnacc;Treiberdienst XBOX 360-Controller für Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-21 521216]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\Windows\system32\DRIVERS\zebrbus.sys [2009-08-02 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\Windows\system32\DRIVERS\zebrmdfl.sys [2009-08-02 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\Windows\system32\DRIVERS\zebrmdm.sys [2009-08-02 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\Windows\system32\DRIVERS\zebrmdmc.sys [2009-08-02 109568]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-09-30 733184]
R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2009-11-19 72704]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2008-06-13 241734]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe []
S2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe []
S2 gupdate1ca09e58d43ebea;Google Update Service (gupdate1ca09e58d43ebea); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------



Kind regards, Markus

Alt 05.12.2009, 15:36   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

One more log file would be good: download Lop S&D.

Windows 2000/XP: Run Lop S&D.exe by double-clicking it.

Windows Vista and 7: Right-click Lop S&D.exe => Run as administrator!!

Choose the language of your choice and then option 1.
Wait until the scan report has been created and post it here (you will find it at C:\lopR.txt if the report does not appear).

Alt 05.12.2009, 19:23   #3
markusm2710
 



Hello cosinus

Thanks for your reply, I have now created the log file.
I hope it can help you,
Kind regards, Markus


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Home Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) Dual Core Processor 4450e )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Standpc ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:116 Go)
D:\ (Local Disk) - NTFS - Total:144 Go (Free:130 Go)
E:\ (CD or DVD)
G:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 05.12.2009|19:14 )

[ UAC => 1 ]

--------------------\\ Ordner Verzeichnis unter Local

[05.09.2009|14:49] C:\Users\Standpc\AppData\Local\Acer Arcade Live
[10.11.2008|22:08] C:\Users\Standpc\AppData\Local\Acer DV Magician
[10.11.2008|22:16] C:\Users\Standpc\AppData\Local\Acer DVDivine
[10.11.2008|22:09] C:\Users\Standpc\AppData\Local\Acer SlideShow DVD
[05.09.2009|13:05] C:\Users\Standpc\AppData\Local\Acer VideoMagician
[23.11.2009|19:15] C:\Users\Standpc\AppData\Local\Adobe
[06.11.2008|19:22] C:\Users\Standpc\AppData\Local\Anwendungsdaten
[07.11.2008|17:30] C:\Users\Standpc\AppData\Local\Apple
[07.11.2008|17:31] C:\Users\Standpc\AppData\Local\Apple Computer
[15.11.2008|14:46] C:\Users\Standpc\AppData\Local\Apps
[06.11.2008|19:24] C:\Users\Standpc\AppData\Local\ATI
[26.11.2009|13:56] C:\Users\Standpc\AppData\Local\AudioCD
[30.11.2009|20:44] C:\Users\Standpc\AppData\Local\d3d9caps.dat
[18.11.2009|10:31] C:\Users\Standpc\AppData\Local\DassaultSystemes
[09.11.2009|14:42] C:\Users\Standpc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[26.11.2009|13:56] C:\Users\Standpc\AppData\Local\Deployment
[22.11.2008|14:16] C:\Users\Standpc\AppData\Local\edsinstaller.txt-20081122.log
[19.11.2009|16:00] C:\Users\Standpc\AppData\Local\GDIPFONTCACHEV1.DAT
[21.07.2009|10:28] C:\Users\Standpc\AppData\Local\Google
[28.11.2009|12:39] C:\Users\Standpc\AppData\Local\Groove
[05.12.2009|16:19] C:\Users\Standpc\AppData\Local\IconCache.db
[14.08.2009|13:17] C:\Users\Standpc\AppData\Local\Microsoft
[06.11.2008|20:54] C:\Users\Standpc\AppData\Local\Microsoft Games
[23.11.2009|17:14] C:\Users\Standpc\AppData\Local\Microsoft Help
[31.05.2009|13:54] C:\Users\Standpc\AppData\Local\Mozilla
[06.11.2008|19:23] C:\Users\Standpc\AppData\Local\PowerCinema
[24.08.2009|11:12] C:\Users\Standpc\AppData\Local\RapidSolution
[24.07.2009|09:33] C:\Users\Standpc\AppData\Local\Seven Zip
[26.11.2009|13:56] C:\Users\Standpc\AppData\Local\TabletManager
[05.12.2009|19:14] C:\Users\Standpc\AppData\Local\Temp
[06.11.2008|19:22] C:\Users\Standpc\AppData\Local\Temporary Internet Files
[26.11.2009|13:56] C:\Users\Standpc\AppData\Local\TipTsfData
[06.11.2008|19:22] C:\Users\Standpc\AppData\Local\Verlauf
[07.11.2008|17:33] C:\Users\Standpc\AppData\Local\VirtualStore
[5|Datei(en),] C:\Users\Standpc\AppData\Local\Bytes
[31|Verzeichnis(se),] C:\Users\Standpc\AppData\Local\Bytes frei

--------------------\\ Geplante Aufgaben unter C:\Windows\Tasks

[23.11.2009 23:05][--a------] C:\Windows\tasks\Driver Robot.job
[05.12.2009 16:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{78A62D8A-6B5E-41AC-B252-081C92121E44}.job
[05.12.2009 17:36][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[05.12.2009 19:01][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[05.12.2009 19:04][--a------] C:\Windows\tasks\Google Software Updater.job
[05.12.2009 19:14][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1329758648-3248927420-855977625-1000UA.job
[05.12.2009 19:14][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1329758648-3248927420-855977625-1000Core.job
[05.12.2009 19:01][--ah-----] C:\Windows\tasks\SA.DAT
[05.12.2009 17:54][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Ordner Verzeichnis unter C:\ProgramData

[30.10.2008|09:49] C:\ProgramData\8f01a90e-7eb3-48d3-93b1-50d88fd146fb
[11.04.2007|07:32] C:\ProgramData\Acer GameZone Console
[23.11.2009|20:02] C:\ProgramData\Adobe
[06.11.2008|19:18] C:\ProgramData\Anwendungsdaten
[07.11.2008|17:30] C:\ProgramData\Apple
[03.08.2009|23:37] C:\ProgramData\Apple Computer
[02.11.2006|14:02] C:\ProgramData\Application Data
[11.11.2009|21:10] C:\ProgramData\Autodata Limited
[15.08.2009|18:07] C:\ProgramData\avg8
[15.08.2009|18:11] C:\ProgramData\Avira
[10.11.2008|22:09] C:\ProgramData\CyberLink
[18.11.2009|09:54] C:\ProgramData\DassaultSystemes
[02.11.2006|14:02] C:\ProgramData\Desktop
[02.11.2006|14:02] C:\ProgramData\Documents
[06.11.2008|19:18] C:\ProgramData\Dokumente
[06.11.2008|22:24] C:\ProgramData\eSobi
[06.11.2008|19:18] C:\ProgramData\Favoriten
[02.11.2006|14:02] C:\ProgramData\Favorites
[11.04.2007|07:33] C:\ProgramData\FloodLightGames
[21.07.2009|10:27] C:\ProgramData\Google Updater
[03.08.2009|10:05] C:\ProgramData\Hewlett-Packard
[03.08.2009|10:36] C:\ProgramData\HP
[03.08.2009|10:30] C:\ProgramData\HPSSUPPLY
[03.08.2009|10:35] C:\ProgramData\hpzinstall.log
[05.12.2009|11:21] C:\ProgramData\Malwarebytes
[22.10.2009|14:57] C:\ProgramData\McAfee
[20.10.2009|14:57] C:\ProgramData\McAfee Security Scan
[14.11.2009|12:50] C:\ProgramData\Microsoft
[12.11.2009|13:22] C:\ProgramData\Microsoft Help
[27.10.2009|18:24] C:\ProgramData\NCH Swift Sound
[14.09.2009|11:58] C:\ProgramData\Office Genuine Advantage
[10.10.2009|23:29] C:\ProgramData\RapidSolution
[01.09.2009|13:16] C:\ProgramData\Real
[08.11.2008|10:46] C:\ProgramData\SiteAdvisor
[02.11.2006|14:02] C:\ProgramData\Start Menu
[06.11.2008|19:18] C:\ProgramData\Startmenü
[07.11.2008|17:33] C:\ProgramData\TEMP
[02.11.2006|14:02] C:\ProgramData\Templates
[06.11.2008|19:18] C:\ProgramData\Vorlagen
[03.08.2009|10:35] C:\ProgramData\WEBREG
[2|Datei(en),] C:\ProgramData\Bytes
[40|Verzeichnis(se),] C:\ProgramData\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Program Files

[11.04.2007|07:55] C:\Program Files\Acer Arcade Live
[22.11.2008|14:19] C:\Program Files\Acer GameZone
[17.09.2008|06:50] C:\Program Files\Acer Incorporated
[23.11.2009|19:13] C:\Program Files\Adobe
[07.11.2008|17:30] C:\Program Files\Apple Software Update
[30.11.2009|20:41] C:\Program Files\ATI
[30.11.2009|20:55] C:\Program Files\ATI Technologies
[15.08.2009|18:11] C:\Program Files\Avira
[04.10.2009|14:19] C:\Program Files\BitTorrent
[11.08.2009|11:08] C:\Program Files\CCleaner
[04.12.2009|12:04] C:\Program Files\Common Files
[11.04.2007|07:49] C:\Program Files\CyberLink
[11.04.2007|08:33] C:\Program Files\DIFX
[07.05.2009|11:32] C:\Program Files\DivX
[06.11.2008|22:27] C:\Program Files\eSobi
[06.11.2008|19:18] C:\Program Files\Gemeinsame Dateien [C:\Program Files\Common Files]
[04.12.2009|09:37] C:\Program Files\Google
[03.08.2009|10:29] C:\Program Files\Hewlett-Packard
[03.08.2009|10:32] C:\Program Files\HP
[22.11.2008|14:16] C:\Program Files\InstallShield Installation Information
[28.10.2009|13:43] C:\Program Files\Internet Explorer
[21.10.2009|05:54] C:\Program Files\Java
[05.12.2009|11:21] C:\Program Files\Malwarebytes' Anti-Malware
[14.11.2009|12:51] C:\Program Files\Microsoft
[02.11.2006|13:37] C:\Program Files\Microsoft Games
[22.07.2009|12:28] C:\Program Files\Microsoft LifeCam
[18.11.2009|09:54] C:\Program Files\Microsoft Office
[14.11.2009|12:51] C:\Program Files\Microsoft Office Outlook Connector
[15.11.2009|12:11] C:\Program Files\Microsoft Silverlight
[14.11.2009|12:49] C:\Program Files\Microsoft SQL Server Compact Edition
[14.11.2009|12:50] C:\Program Files\Microsoft Sync Framework
[24.07.2009|09:46] C:\Program Files\Microsoft Visual Studio
[24.07.2009|09:43] C:\Program Files\Microsoft Visual Studio 8
[15.10.2009|11:15] C:\Program Files\Microsoft Works
[24.07.2009|09:45] C:\Program Files\Microsoft.NET
[14.09.2009|12:58] C:\Program Files\Movie Maker
[08.11.2009|14:54] C:\Program Files\Mozilla Firefox
[29.11.2009|11:07] C:\Program Files\MP3 Rocket
[24.07.2009|09:46] C:\Program Files\MSBuild
[06.11.2008|19:46] C:\Program Files\MSXML 4.0
[11.04.2007|08:37] C:\Program Files\NewTech Infosystems
[12.08.2009|20:10] C:\Program Files\PhotoScape
[24.08.2009|11:12] C:\Program Files\PixiePack Codec Pack
[03.08.2009|23:37] C:\Program Files\QuickTime
[01.09.2009|13:16] C:\Program Files\Real
[11.04.2007|08:10] C:\Program Files\Realtek
[02.11.2006|13:37] C:\Program Files\Reference Assemblies
[02.08.2009|19:51] C:\Program Files\Sony Ericsson
[08.09.2009|17:53] C:\Program Files\Sweet Home 3D
[04.12.2009|23:41] C:\Program Files\Trend Micro
[02.11.2006|14:01] C:\Program Files\Uninstall Information
[10.11.2008|21:46] C:\Program Files\VideoLAN
[14.09.2009|12:58] C:\Program Files\Windows Calendar
[14.09.2009|12:58] C:\Program Files\Windows Collaboration
[14.09.2009|12:57] C:\Program Files\Windows Defender
[14.09.2009|12:58] C:\Program Files\Windows Journal
[14.11.2009|12:51] C:\Program Files\Windows Live
[22.07.2009|12:25] C:\Program Files\Windows Live SkyDrive
[12.11.2009|13:23] C:\Program Files\Windows Mail
[28.10.2009|13:43] C:\Program Files\Windows Media Player
[06.11.2008|19:18] C:\Program Files\Windows NT
[14.09.2009|12:58] C:\Program Files\Windows Photo Gallery
[17.11.2009|17:03] C:\Program Files\Windows Portable Devices
[14.09.2009|12:58] C:\Program Files\Windows Sidebar
[27.08.2009|16:43] C:\Program Files\Yahoo!
[17.09.2008|06:48] C:\Program Files\YUAN
[0|Datei(en),] C:\Program Files\Bytes
[68|Verzeichnis(se),] C:\Program Files\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Program Files\Common Files

[23.11.2009|19:13] C:\Program Files\Common Files\Adobe
[19.11.2009|14:37] C:\Program Files\Common Files\Autodata Limited Shared
[18.11.2009|09:55] C:\Program Files\Common Files\DESIGNER
[07.05.2009|11:32] C:\Program Files\Common Files\DivX Shared
[03.08.2009|10:29] C:\Program Files\Common Files\Hewlett-Packard
[03.08.2009|10:32] C:\Program Files\Common Files\HP
[11.04.2007|08:36] C:\Program Files\Common Files\InstallShield
[07.11.2008|16:55] C:\Program Files\Common Files\Java
[11.04.2007|08:37] C:\Program Files\Common Files\LightScribe
[23.11.2009|20:06] C:\Program Files\Common Files\microsoft shared
[11.04.2007|08:36] C:\Program Files\Common Files\muvee Technologies
[11.04.2007|08:37] C:\Program Files\Common Files\NewTech Infosystems
[20.07.2009|22:46] C:\Program Files\Common Files\PX Storage Engine
[01.09.2009|13:16] C:\Program Files\Common Files\Real
[02.11.2006|12:18] C:\Program Files\Common Files\Services
[02.11.2006|12:18] C:\Program Files\Common Files\SpeechEngines
[14.11.2009|12:51] C:\Program Files\Common Files\System
[25.08.2009|13:29] C:\Program Files\Common Files\Tobit
[22.07.2009|12:21] C:\Program Files\Common Files\Windows Live
[01.09.2009|13:16] C:\Program Files\Common Files\xing shared
[0|Datei(en),] C:\Program Files\Common Files\Bytes
[22|Verzeichnis(se),] C:\Program Files\Common Files\Bytes frei

--------------------\\ Process

( 57 Processes )

... OK !

--------------------\\ Ueberpruefung mit S_Lop

Kein Lop Ordner gefunden !

--------------------\\ Suche nach Lop Dateien - Ordnern

C:\Users\Standpc\AppData\Local\Temp\Standpc.bmp

--------------------\\ Suche innerhalb der Registry

..... OK !

--------------------\\ Ueberpruefung der Hosts Datei

Hosts Datei SAUBER


--------------------\\ Suche nach verborgenen Dateien mit Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-12-05 19:15:20
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Suche nach anderen Infektionen

--------------------\\ Cracks & Keygens ..

C:\Users\Standpc\AppData\Roaming\BitTorrent\Autodata 2005 [MULTILANGUAGE][Crack]WwW.LiMiTeDiVx.CoM[LMD-T34M-Flint].1.torrent
C:\Users\Standpc\AppData\Roaming\BitTorrent\Autodata 2005 [MULTILANGUAGE][Crack]WwW.LiMiTeDiVx.CoM[LMD-T34M-Flint].torrent
C:\Users\Standpc\AppData\Roaming\BitTorrent\AutoData 3.24 + Crack.1.torrent
C:\Users\Standpc\AppData\Roaming\BitTorrent\AutoData 3.24 + Crack.torrent


[F:14][D:6]-> C:\Users\Standpc\AppData\Local\Temp
[F:18][D:1]-> C:\Users\Standpc\AppData\Roaming\MICROS~1\Windows\Cookies
[F:23][D:4]-> C:\Users\Standpc\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:118][D:4]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 05.12.2009|19:16 - Option : [1]

--------------------\\ Scan beendet um 19:16:50
[ UAC => 1 ]

Alt 07.12.2009, 08:11   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
--------------------\\ Cracks & Keygens ..

C:\Users\Standpc\AppData\Roaming\BitTorrent\Autodata 2005 [MULTILANGUAGE][Crack]WwW.LiMiTeDiVx.CoM[LMD-T34M-Flint].1.torrent
C:\Users\Standpc\AppData\Roaming\BitTorrent\Autodata 2005 [MULTILANGUAGE][Crack]WwW.LiMiTeDiVx.CoM[LMD-T34M-Flint].torrent
C:\Users\Standpc\AppData\Roaming\BitTorrent\AutoData 3.24 + Crack.1.torrent
C:\Users\Standpc\AppData\Roaming\BitTorrent\AutoData 3.24 + Crack.torrent

The use of cracks, serials and keygens is illegal, so there is no further support for this on Trojaner-Board.

For you it continues here => Reinstalling the system
Please also change all passwords (for e-mail accounts, StudiVZ, eBay... simply everything!), because this kind of dubious software quite often also contains keyloggers and backdoor functions.

After that, never touch anything like this again!
__________________
Please always post logfiles in CODE tags

Alt 07.12.2009, 09:48   #5
markusm2710
 



Hi, OK, I will reinstall the computer.

Kind regards, Markus

