Trojaner-Board - 37 Funde, alles aufm Desktop gelöscht!

Hi.
Es wurden dauernd Dateien wie setup120909321.exe und so geöffnet.
Das wurde mir zubunt als noch Error Meldungen dazukamen.
Abgesicherter Modus gescannt, 37 funde, mit Malwarebytes gelöscht.
Soweit so gut.
Problem bestand weiter, alle Dateien auf Desktop als unsichtbar makiert.(Vom Virus)
Combofix gemacht, problem weg, Daten auf dem Desktop auch.
Virus KA ob der da ist.
Alles auf meinem Desktop ist weg, hab aber genausoviel speicher wie davor?
Help? Komisch? Unteranderem war vom TR/CRYPT.XPACK oder so die rede...
hier mal die logs
MALWAREBYTES log nicht vorhanden....
COMBOFIX :

Hab Malwarebytes log gefunden !!!!

Code:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Datenbank Version: 6414

 

Windows 6.1.7600 (Safe Mode)

Internet Explorer 8.0.7600.16385

 

21.04.2011 20:02:05

mbam-log-2011-04-21 (20-02-05).txt

 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Durchsuchte Objekte: 423351

Laufzeit: 1 Stunde(n), 1 Minute(n), 42 Sekunde(n)

 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 4

Infizierte Registrierungswerte: 2

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 30

 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)

 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)

 

Infizierte Registrierungsschlüssel:

HKEY_CURRENT_USER\SOFTWARE\0ESKOMO9JO (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\TBXQRHV4KR (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

 

Infizierte Registrierungswerte:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\0ESKOMO9JO (Trojan.Downloader) -> Value: 0ESKOMO9JO -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{46F2B195-AD7D-A938-2EDF-467AED7695D7} (Trojan.ZbotR.Gen) -> Value: {46F2B195-AD7D-A938-2EDF-467AED7695D7} -> Quarantined and deleted successfully.

 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)

 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)

 

Infizierte Dateien:

c:\Users\mediazentrum\AppData\Local\temp\Zty.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\0.5206876489920494.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\7E9D.tmp (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup1619385488.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup1838246504.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup2078615880.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup235097744.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup2545332152.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup2761652480.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup3005424944.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup3099047544.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup3486702696.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup3603794976.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup3935219352.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup4142847080.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\setup60898832.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\Ztx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\Ztz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\7ZipSfx.000\Pack\kalt\kalt.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\7ZipSfx.000\Pack\kont\kont.exe (Spyware.Banker) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\7ZipSfx.001\Pack\kalt\kalt.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\7ZipSfx.001\Pack\kont\kont.exe (Spyware.Banker) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Local\temp\\Pack\kont\kalt.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\downloads\Remb0r\o1.6.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

c:\Windows\kont.exe (Spyware.Banker) -> Quarantined and deleted successfully.

c:\Windows\Zwiwea.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.

c:\Users\mediazentrum\AppData\Roaming\Haudsi\couhc.exe (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.