Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen

TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen


Plagegeister aller Art und deren Bekämpfung: TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 13.02.2010, 22:54   #2
CastorTroy
 
TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen - Standard

TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen


Hier noch die restlichen Logs

RSIT info

Code:
ATTFilter
info.txt logfile of random's system information tool 1.06 2010-02-12 19:17:05

======Uninstall list======

-->"C:\Programme\Creative\Sound Blaster X-Fi Surround 5.1\Program\SETUP.EXE" /s /U /W /L:GER
-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88C97CD1-C7C6-4CEC-B15C-F4D3E26F6A6F}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88C97CD1-C7C6-4CEC-B15C-F4D3E26F6A6F}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x7  /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee Classic-->C:\Tools\ACDSee\UNWISE.EXE C:\Tools\ACDSee\INSTALL.LOG
Acer ePowerManagement-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x7 
Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Contribute CS3-->MsiExec.exe /I{FF3E2850-BD2E-4B56-A89D-21E588D518E0}
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\67a7fb1e97aa14ee9ef0950eb6fd757\Setup.exe
Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{DA896917-C1DA-45B2-B4D2-68162F16C0DD}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}
Adobe ExtendScript Toolkit 2-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Video Encoder-->MsiExec.exe /I{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3-->MsiExec.exe /I{C8D7A672-F697-4572-AC62-C856053A8DBC}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{411E0CC3-587A-468C-B461-95FAFD05E4DE}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}
Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{DFFDDCF5-CB32-4354-8823-1B9E68025953}
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
ATI - Software Uninstall Utility-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 
ATI Control Panel-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
Audiograbber 1.83 SE -->"C:\Tools\Audiograbber\Uninstall.exe"
Audiograbber Lame-MP3-Plugin-->"C:\Tools\Audiograbber\Lame-Uninstall.exe"
Avira AntiVir Personal - Free Antivirus-->C:\ProgramsCT\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner-->"C:\Tools\CCleaner\uninst.exe"
CINEMA 4D Release 11-->C:\WINDOWS\unvise32.exe c:\programsct\Cinema4D\MAXON\CINEMA 4D R11\uninstal_C4D.log
Cisco AnyConnect VPN Client-->MsiExec.exe /X{5F64E152-51C1-47B4-BEA8-007D73C7460F}
Conexant AC-Link Audio-->CIAunwdm.exe
CPUID HWMonitor 1.15-->"C:\Tools\HWMonitor\unins000.exe"
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x7  /remove
Creative Systeminformationen-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x7  /remove
DivX Plus Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dragon Age: Origins-->C:\Programme\Gemeinsame Dateien\BioWare\Uninstall Dragon Age.exe
FoxyTunes for Firefox-->"C:\ProgramsCT\Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Futuremark SystemInfo-->"C:\Programme\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
Gothic II-->C:\Games\GOTHIC~1\UNWISE.EXE C:\Games\GOTHIC~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
IsoBuster 2.4-->"C:\Tools\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
Lexmark Software deinstallieren-->C:\Programme\Lexmark_HostCD\Install\x86\Uninstall.exe
Logitech MouseWare 9.80 -->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x7 -l0007 UNINSTALL
LogonStudio-->C:\Tools\LOGONS~1\UNWISE.EXE C:\Tools\LOGONS~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Tools\Malwarebytes\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.6)-->C:\ProgramsCT\Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->C:\ProgramsCT\Thunderbird\uninstall\helper.exe
Mp3tag v2.43-->C:\Tools\Mp3tag\Mp3tagUninstall.EXE
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero 7 Ultra Edition-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
NET Render Release 11-->C:\WINDOWS\unvise32.exe c:\programsct\cinema4d\MAXON\NET Render R11\uninstal_NET.log
NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoftV92 Data Fax Modem with SmartCP-->C:\Programme\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_00661025\HXFSETUP.EXE -U -Iqta00665.inf
Sound Blaster X-Fi Surround 5.1-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{12BEF00E-ECFF-4820-BEDF-CCB9CC06A955}\SETUP.EXE" -l0x7  /remove
Synaptics Pointing Device Driver-->rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Toolbar fuer eBay-->regsvr32 /u /s "C:\Dokumente und Einstellungen\CastorTroy\Anwendungsdaten\Toolbars\Toolbar fuer eBay\ebay.dll" 
Total Commander (Remove or Repair)-->C:\Tools\totalcmd\tcuninst.exe
Update für Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Update für Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VLC media player 1.0.3-->C:\ProgramsCT\VLC\uninstall.exe
VSO Image Resizer 1.0.11-->"C:\Tools\Image Resizer\unins000.exe"
Wacom Tablett-->C:\Programme\Tablet\Wacom\Remove.exe /u
Winamp-->"C:\ProgramsCT\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 3.1 beta3-->"C:\Programme\WinPcap\Uninstall.exe" "C:\Programme\WinPcap\install.log"
WinRAR-->C:\Tools\WinRAR\uninstall.exe

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: CT
Event Code: 8021
Message: Der Suchdienst konnte keine Serverliste vom Hauptsuchdienst "\\DANIEL-PC" auf dem Netzwerk "\Device\NetBT_Tcpip_{4866996C-D265-4ACE-8304-5374A9664836}" erhalten.
Daten: Fehlercode.

Record Number: 1886
Source Name: BROWSER
Time Written: 20100109092724.000000+060
Event Type: Warnung
User: 

Computer Name: CT
Event Code: 4201
Message: Netzwerkadapter "\DEVICE\TCPIP_{4866996C-D265-4ACE-8304-5374A9664836}" wurde mit dem Netzwerk verbunden, und das
System wurde über das Netzwerk im normalen Zustand gestartet.

Record Number: 1885
Source Name: Tcpip
Time Written: 20100108201939.000000+060
Event Type: Informationen
User: 

Computer Name: CT
Event Code: 7036
Message: Dienst "RAS-Verbindungsverwaltung" befindet sich jetzt im Status "Ausgeführt".

Record Number: 1884
Source Name: Service Control Manager
Time Written: 20100108164548.000000+060
Event Type: Informationen
User: 

Computer Name: CT
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "RAS-Verbindungsverwaltung" gesendet.

Record Number: 1883
Source Name: Service Control Manager
Time Written: 20100108164547.000000+060
Event Type: Informationen
User: CT\CastorTroy

Computer Name: CT
Event Code: 7036
Message: Dienst "Telefonie" befindet sich jetzt im Status "Ausgeführt".

Record Number: 1882
Source Name: Service Control Manager
Time Written: 20100108164547.000000+060
Event Type: Informationen
User: 

=====Application event log=====

Computer Name: CT
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 403
Source Name: SecurityCenter
Time Written: 20091205093304.000000+060
Event Type: Informationen
User: 

Computer Name: CT
Event Code: 0
Message: 
Record Number: 402
Source Name: RegSrvc
Time Written: 20091205093245.000000+060
Event Type: Informationen
User: 

Computer Name: CT
Event Code: 0
Message: 
Record Number: 401
Source Name: EvtEng
Time Written: 20091205093244.000000+060
Event Type: Informationen
User: 

Computer Name: CT
Event Code: 1
Message: 
Record Number: 400
Source Name: Bonjour Service
Time Written: 20091205093243.000000+060
Event Type: Informationen
User: 

Computer Name: CT
Event Code: 4096
Message: Der AntiVir Dienst wurde erfolgreich gestartet!

Record Number: 399
Source Name: Avira AntiVir
Time Written: 20091205093237.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\ATI Technologies\ATI Control Panel;C:\Tools\IsoBuster;C:\Programme\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

GMER log

Code:
ATTFilter
GMER 1.0.15.15281 - h**p://www.gmer.net
Rootkit quick scan 2010-02-13 15:42:21
Windows 5.1.2600 Service Pack 3
Running: 4cz2pr82.exe; Driver: C:\DOKUME~1\CASTOR~1\LOKALE~1\Temp\pxtdqpob.sys


---- System - GMER 1.0.15 ----

SSDT            spne.sys                                 ZwEnumerateKey [0xB9EC6CA2]                             <-- ROOTKIT !!!
SSDT            spne.sys                                 ZwEnumerateValueKey [0xB9EC7030]                        <-- ROOTKIT !!!

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                   89E417D0
Device          \FileSystem\Ntfs \Ntfs                   89DE41F8

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0  SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- Services - GMER 1.0.15 ----

Service          (*** hidden *** )                       [BOOT] fpujcv                                           <-- ROOTKIT !!!

---- EOF - GMER 1.0.15 ----



GMER 1.0.15.15281 - h**p://www.gmer.net
Rootkit scan 2010-02-13 22:03:27
Windows 5.1.2600 Service Pack 3
Running: 4cz2pr82.exe; Driver: C:\DOKUME~1\CASTOR~1\LOKALE~1\Temp\pxtdqpob.sys


---- System - GMER 1.0.15 ----

SSDT            BA741B7E                                                                                                             ZwCreateKey
SSDT            BA741B74                                                                                                             ZwCreateThread
SSDT            BA741B83                                                                                                             ZwDeleteKey
SSDT            BA741B8D                                                                                                             ZwDeleteValueKey
SSDT            spne.sys                                                                                                             ZwEnumerateKey [0xB9EC6CA2]                                                                                        <-- ROOTKIT !!!
SSDT            spne.sys                                                                                                             ZwEnumerateValueKey [0xB9EC7030]                                                                                   <-- ROOTKIT !!!
SSDT            BA741B92                                                                                                             ZwLoadKey
SSDT            spne.sys                                                                                                             ZwOpenKey [0xB9EA80C0]                                                                                             <-- ROOTKIT !!!
SSDT            BA741B60                                                                                                             ZwOpenProcess
SSDT            BA741B65                                                                                                             ZwOpenThread
SSDT            spne.sys                                                                                                             ZwQueryKey [0xB9EC7108]                                                                                            <-- ROOTKIT !!!
SSDT            spne.sys                                                                                                             ZwQueryValueKey [0xB9EC6F88]                                                                                       <-- ROOTKIT !!!
SSDT            BA741B9C                                                                                                             ZwReplaceKey
SSDT            BA741B97                                                                                                             ZwRestoreKey
SSDT            BA741B88                                                                                                             ZwSetValueKey
SSDT            BA741B6F                                                                                                             ZwTerminateProcess

INT 0x62        ?                                                                                                                    89DE5BF8
INT 0x63        ?                                                                                                                    89947E08
INT 0xA4        ?                                                                                                                    89947E08
INT 0xB4        ?                                                                                                                    89947E08

---- Kernel code sections - GMER 1.0.15 ----

?               spne.sys                                                                                                             Das System kann die angegebene Datei nicht finden. !
.pak2           C:\WINDOWS\system32\drivers\fpujcv.sys                                                                               entry point in ".pak2" section [0xB9D9018B]
?               C:\WINDOWS\system32\drivers\fpujcv.sys                                                                               Ein an das System angeschlossenes Gerät funktioniert nicht.
.text           C:\WINDOWS\system32\DRIVERS\ati2mtag.sys                                                                             section is writeable [0xB95F4000, 0x1C5D58, 0xE8000020]
.text           USBPORT.SYS!DllUnload                                                                                                B95D38AC 5 Bytes  JMP 899473E8 
init            C:\WINDOWS\system32\drivers\tifm21.sys                                                                               entry point in "init" section [0xB95B7ABF]
.text           awg6p3vv.SYS                                                                                                         B9288386 35 Bytes  [00, 00, 00, 00, 00, 00, 20, ...]
.text           awg6p3vv.SYS                                                                                                         B92883AA 24 Bytes  [00, 00, 00, 00, 00, 00, 00, ...]
.text           awg6p3vv.SYS                                                                                                         B92883C4 3 Bytes  [00, 70, 02] {ADD [EAX+0x2], DH}
.text           awg6p3vv.SYS                                                                                                         B92883C9 1 Byte  [2E]
.text           awg6p3vv.SYS                                                                                                         B92883C9 11 Bytes  [2E, 00, 00, 00, 5A, 02, 00, ...]
.text           ...                                                                                                                  

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                   [B9EA9040] spne.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                           [B9EA913C] spne.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                  [B9EA90BE] spne.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                          [B9EA97FC] spne.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                  [B9EA96D2] spne.sys
IAT             \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                   [B9EB9048] spne.sys
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!KfAcquireSpinLock]                                                 C0840CEC
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!READ_PORT_UCHAR]                                                   053C0D74
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!KeGetCurrentIrql]                                                  57B80974
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!KfRaiseIrql]                                                       8B000000
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!KfLowerIrql]                                                       56C35DE5
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!HalGetInterruptVector]                                             8D08758B
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!HalTranslateBusAddress]                                            8D51FC4D
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!KeStallExecutionProcessor]                                         8D52FD55
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!KfReleaseSpinLock]                                                 8D51FE4D
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!READ_PORT_BUFFER_USHORT]                                           8D52FF55
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!READ_PORT_USHORT]                                                  8D51F84D
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                          5052F455
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[HAL.dll!WRITE_PORT_UCHAR]                                                  EACAE856
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[WMILIB.SYS!WmiSystemControl]                                               0FC08520
IAT             \SystemRoot\System32\Drivers\awg6p3vv.SYS[WMILIB.SYS!WmiCompleteRequest]                                             0001B185

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                               89E417D0
Device          \FileSystem\Ntfs \Ntfs                                                                                               89DE41F8

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                                              SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device          \Driver\usbuhci \Device\USBPDO-0                                                                                     898F3368
Device          \Driver\usbuhci \Device\USBPDO-1                                                                                     898F3368
Device          \Driver\usbuhci \Device\USBPDO-2                                                                                     898F3368
Device          \Driver\usbuhci \Device\USBPDO-3                                                                                     898F3368
Device          \Driver\usbehci \Device\USBPDO-4                                                                                     89A304B8
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                               89E511F8
Device          \Driver\Cdrom \Device\CdRom0                                                                                         89A5C500
Device          \Driver\PCI_PNP8570 \Device\00000059                                                                                 spne.sys
Device          \Driver\Cdrom \Device\CdRom1                                                                                         89A5C500
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                   [B9CD5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4                                                                          [B9CD5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c                                                                          [B9CD5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\NetBT \Device\NetBT_Tcpip_{4866996C-D265-4ACE-8304-5374A9664836}                                             898531F8
Device          \Driver\sptd \Device\3516811070                                                                                      spne.sys
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                              898531F8
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                     898531F8
Device          \Driver\usbuhci \Device\USBFDO-0                                                                                     898F3368
Device          \Driver\usbuhci \Device\USBFDO-1                                                                                     898F3368
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                    89A392E8
Device          \Driver\usbuhci \Device\USBFDO-2                                                                                     898F3368
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                          89A392E8
Device          \Driver\usbuhci \Device\USBFDO-3                                                                                     898F3368
Device          \Driver\usbehci \Device\USBFDO-4                                                                                     89A304B8
Device          \Driver\Ftdisk \Device\FtControl                                                                                     89E511F8
Device          \Driver\awg6p3vv \Device\Scsi\awg6p3vv1Port1Path0Target0Lun0                                                         898FD500
Device          \Driver\awg6p3vv \Device\Scsi\awg6p3vv1                                                                              898FD500
Device          \FileSystem\Cdfs \Cdfs                                                                                               8993E500

---- Services - GMER 1.0.15 ----

Service          (*** hidden *** )                                                                                                   [BOOT] fpujcv                                                                                                      <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000b6b916a28                                          
Reg             HKLM\SYSTEM\CurrentControlSet\Services\fpujcv@Type                                                                   1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\fpujcv@Start                                                                  0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\fpujcv@ErrorControl                                                           0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\fpujcv@Group                                                                  Boot Bus Extender
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                   771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                   285507792
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                   1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  C:\Tools\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                               0xE8 0xAB 0x75 0x7B ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0xAF 0xF0 0xC8 0x15 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0xCF 0xED 0x36 0x1D ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000b6b916a28 (not active ControlSet)                      
Reg             HKLM\SYSTEM\ControlSet003\Services\fpujcv@Type                                                                       1
Reg             HKLM\SYSTEM\ControlSet003\Services\fpujcv@Start                                                                      0
Reg             HKLM\SYSTEM\ControlSet003\Services\fpujcv@ErrorControl                                                               0
Reg             HKLM\SYSTEM\ControlSet003\Services\fpujcv@Group                                                                      Boot Bus Extender
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Tools\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0xE8 0xAB 0x75 0x7B ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)        
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xAF 0xF0 0xC8 0x15 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xCF 0xED 0x36 0x1D ...

---- EOF - GMER 1.0.15 ----
__________________
 

Themen zu TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen
.com, 0 bytes, adobe, adware.adon, antivir, antivir guard, antivirus, avgntflt.sys, avira, backdoor.bot.gen, bho, bonjour, browser, content.ie5, device driver, diagnostics, ebayshortcuts.exe, einstellungen, eudora, explorer, frage, gerätetreiber, hijack, hijackthis, internet, jusched.exe, launch, malware.packer.gen, nt.dll, pdf-datei, plug-in, problem, registrierungsschlüssel, registry, rundll, skype.exe, software, spyware.passwords, studio, suchlauf, taskman, temp, toolbars, tr/crypt.xpack, tr/crypt.xpack.gen, tr/dldr.fraudload.wybc, tr/rootkit.gen, tr/spy.gen, tr/zapchast.aix.79, trojan, viren, warnung, windows, worm.autorun.b


« mit Trojaner TR/Dropper.Gen infiziert | svchost.exe »


Ähnliche Themen: TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen


  1. TR/Sirefef.BP.1, TR/Crypt.XPACK.Gen, TR/Rootkit.Gen2 und Avira bekommt es nicht weg
    Plagegeister aller Art und deren Bekämpfung - 19.03.2012 (16)
  2. TR/Fraudload.xzail , TR/PSW.Karagany.A.73 und TR/Crypt.XPACK.Gen8
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (24)
  3. AntiVir hat DR/PSW.Cain.284.3 Dropper TR/Rootkit.Gen und TR/Crypt.XPACK.Gen2 gefunden!
    Plagegeister aller Art und deren Bekämpfung - 04.06.2011 (37)
  4. Infiziert mit TR/Dldr.Renos.CH und TR/Crypt.XPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 13.10.2010 (15)
  5. TR/Dldr.Pher.gml + TR/Crypt.XPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 05.10.2010 (2)
  6. Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden
    Plagegeister aller Art und deren Bekämpfung - 26.09.2010 (15)
  7. TR/Dropper.gen und TR/Crypt.XPACK.Gen und TR/Crypt.XPACK.Gen2 und TR/Dldr.Agent.cxyf.3
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (32)
  8. TR/dldr.swizzor.gen2, TR/crypt.xpack.gen, TR/crypt.zpack.gen unter Windows XP
    Plagegeister aller Art und deren Bekämpfung - 16.06.2010 (15)
  9. Trojaner TR/Trash.gen und TR/Crypt.XPACK.Gen' und 'TR/Rootkit.Gen' [trojan]
    Plagegeister aller Art und deren Bekämpfung - 31.03.2010 (3)
  10. TR/Crypt.XPACK.Gen + TR/TDss.avki + TR/Dldr.FraudLoad.wxpm .. wie bloß sicher entf ?
    Plagegeister aller Art und deren Bekämpfung - 08.02.2010 (1)
  11. Habe/Hatte 2 Trojaner: TR/Crypt.XPACK.Gen UND TR/Dldr.WMA.Wimad.X....HILFE!!!
    Plagegeister aller Art und deren Bekämpfung - 22.09.2009 (20)
  12. TR/Dldr.Fraudload.fcu, BDS/Zdoogu.FB, BDS/Bredolab.DM u.a.
    Plagegeister aller Art und deren Bekämpfung - 26.08.2009 (3)
  13. TR/Crypt.XPACK.Gen & TR/Rootkit. Gen & HTML/Fake Alert.njh Trojaner - Brauche Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 29.06.2009 (1)
  14. Crypt.XPACK.Gen und Dldr.Small.abfr , was dagegen tun?
    Plagegeister aller Art und deren Bekämpfung - 20.08.2008 (1)
  15. Trojaner-Besuch:TR/Dldr.FraudLoad.baf,...
    Mülltonne - 27.06.2008 (0)
  16. Hilfe! TR/Dldr.ConHook.Pr1 TR/Crypt.XPack.Gen TR/PrivacySet.A TR/Vundo.ELT
    Plagegeister aller Art und deren Bekämpfung - 18.05.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen - Hier noch die restlichen Logs RSIT info Code: Alles auswählen Aufklappen ATTFilter info.txt logfile of random's system information tool 1.06 2010-02-12 19:17:05 ======Uninstall list====== -->"C:\Programme\Creative\Sound Blaster X-Fi Surround 5.1\Program\SETUP.EXE" /s - TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen...
Archiv
Du betrachtest: TR/Zapchast.aix.79, TR/Dldr.FraudLoad.wybc, TR/Spy.Gen, TR/Crypt.XPACK TR/Rootkit.Gen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131