Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 09.10.2010, 18:27   #1
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Hallo,

ich habe vor etwa 3 Tagen von Antivir beim Hochfahren meines Laptops angezeigt bekommen, dass sich der Trojaner TR/Crypt.XPACK.Gen eingenistet hat.
Habe ihn zuerst in die Quarantäne bei Antivir geschoben und anschließend gelöscht. Beim erneuten Hochfahren bekam ich dieselbe Meldung wie zuvor.
Mittlerweile befinden sich 2 davon bei Antivir in Quarantäne, einen Dritten, der mir vorhin angezeigt wurde, noch nicht.
Habe mir Malwarebytes' Anti-Malware heruntergeladen und anschließend scannen lassen.
Nichts gefunden.
Antivir zeigt mir zwar an, dass der Trojaner drauf ist, findet aber beim Scan auch nichts.
Da aber einer noch nicht in Quarantäne ist, müsste der doch von beiden Programmen angezeigt werden oder?

Habe dann noch einmal gegoogelt und Hijack-This heruntergeladen und durchgeführt.

Das kam dann bei raus:
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:46, on 09.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Users\Steffi\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 11571 bytes
         
--- --- ---


Hoffe, ihr könnt mir weiterhelfen...

Gruß,
Steffi

Alt 09.10.2010, 21:11   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Zitat:
dass sich der Trojaner TR/Crypt.XPACK.Gen eingenistet hat.
Immer die genauen Schädlingsnamen und Pfadangaben notieren und posten!

Aus den Regeln:

5. Beschreibe Dein Problem in einigen Sätzen und arbeite diese Anleitung ab Punkt 2. durch
Auch Funde von deiner Sicherheitssoftware bitte im Thema nennen: (z.B. c:\windows\virus.exe)
Fehlen diese Angaben, kann und wird dir hier niemand helfen.
__________________

__________________

Alt 10.10.2010, 23:48   #3
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Okay, dann nochmal etwas genauer.

TR/Crypt.XPACK.Gen gefunden in:

C:\Users\...\AppData\Local\Temp\EADE465.exe
C:\Users\...\AppData\Local\Temp\EADDBFC.exe
C:\Users\...\AppData\Local\Temp\EADF4B.exe
C:\Users\...\AppData\Local\Temp\EAD3F40.exe
C:\Users\...\AppData\Local\Temp\EAD5263.exe

Report von Malewarebytes:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4770

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11.10.2010 00:31:26
mbam-log-2010-10-11 (00-31-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 376821
Laufzeit: 1 Stunde(n), 43 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:41:17, on 11.10.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Steffi\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11645 bytes
         
--- --- ---
__________________

Alt 11.10.2010, 09:35   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.10.2010, 10:33   #5
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.10.2010 11:22:10 - Run 1
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Users\Steffi\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 29,12 Gb Free Space | 39,08% Space Free | Partition Type: NTFS
Drive D: | 208,92 Gb Total Space | 208,88 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
 
Computer Name: STEFFI-PC | User Name: Steffi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0408-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Greek) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-040D-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hebrew) 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{90120000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2007
"{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{B4F9E407-95F4-EAA4-B253-C1FE391E0A6C}" = ATI Catalyst Install Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{FF8BC37A-2DFB-95B6-4F09-05C7304891F3}" = ccc-utility64
"ASUS USB2.0 UVC VGA WebCam" = ASUS USB2.0 UVC VGA WebCam
"ASUS WebStorage" = ASUS WebStorage
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0058143E-0C1F-530B-C75D-4B4D272BA857}" = CCC Help Portuguese
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0C5D9A6B-FF26-9DD9-8CFE-6348C6216F90}" = Catalyst Control Center Graphics Full Existing
"{0E00E89C-D6C1-4736-CBE0-F97566641F2D}" = CCC Help Swedish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B75F827-8404-871C-908D-FE2841809879}" = ccc-core-static
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2582CC36-8FF2-37A4-E4DF-20D98AFC2FD2}" = CCC Help Polish
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29906EE7-6EDB-8336-4455-A65A5343EA49}" = CCC Help English
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2F300A26-2149-4BE3-4E46-0244DE26243A}" = CCC Help Greek
"{37DBA48D-B4D0-FEFD-AC97-A3B02A41D7BD}" = CCC Help Finnish
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{455CD05F-2041-F120-992C-8B390FD902B9}" = Catalyst Control Center InstallProxy
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4C6F31F8-81E0-CFCE-DCF8-63D0179BE7E8}" = CCC Help Italian
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{51B618BD-9DD2-BEDA-9CF3-EE7A7D574234}" = CCC Help French
"{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5C6BF318-B9A6-E5FC-6FED-BB010CA4879C}" = CCC Help Chinese Standard
"{5CF94DB3-AD09-8E75-6780-9CA707E16579}" = CCC Help Hungarian
"{5DB2F906-140A-E5A1-6CF8-7F8D4D84EE0A}" = CCC Help Korean
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7664A6B5-A117-67E2-E49A-AE7E4C64FDCE}" = Catalyst Control Center Graphics Full New
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81B9F470-8E68-C4EC-9E3C-DE176811887E}" = CCC Help Japanese
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8C73B81B-2BBA-744F-2BDA-E2ACFA9E94AA}" = CCC Help Turkish
"{8EEE95B9-D3AD-C483-7F3E-BA643FF5A3FE}" = CCC Help Thai
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0015-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0408-0000-0000000FF1CE}" = Microsoft Office Access MUI (Greek) 2007
"{90120000-0015-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hebrew) 2007
"{90120000-0015-040D-0000-0000000FF1CE}_PROHYBRIDR_{A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007
"{90120000-0015-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hebrew) 2007
"{90120000-0016-040D-0000-0000000FF1CE}_PROHYBRIDR_{A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hebrew) 2007
"{90120000-0018-040D-0000-0000000FF1CE}_PROHYBRIDR_{A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-0019-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0408-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Greek) 2007
"{90120000-0019-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hebrew) 2007
"{90120000-0019-040D-0000-0000000FF1CE}_PROHYBRIDR_{A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007
"{90120000-0019-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001A-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Greek) 2007
"{90120000-001A-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hebrew) 2007
"{90120000-001A-040D-0000-0000000FF1CE}_PROHYBRIDR_{A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007
"{90120000-001A-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hebrew) 2007
"{90120000-001B-040D-0000-0000000FF1CE}_PROHYBRIDR_{A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROHYBRIDR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_PROHYBRIDR_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROHYBRIDR_{3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2007
"{90120000-001F-040D-0000-0000000FF1CE}_PROHYBRIDR_{D51DB996-6D46-4195-B495-5E96F61A3CB9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROHYBRIDR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0419-0000-0000000FF1CE}_PROHYBRIDR_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_PROHYBRIDR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_PROHYBRIDR_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_PROHYBRIDR_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0404-1000-0000000FF1CE}_PROHYBRIDR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0408-1000-0000000FF1CE}_PROHYBRIDR_{E3B92295-785F-4FF7-8BE1-67E86F5F8140}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040D-1000-0000000FF1CE}_PROHYBRIDR_{C4FDF834-B4AF-4B5E-8901-5146204B58CC}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0410-1000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0413-1000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0816-1000-0000000FF1CE}_PROHYBRIDR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0C0A-1000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-040D-0000-0000000FF1CE}" = Microsoft Office Proofing (Hebrew) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0404-0000-0000000FF1CE}_PROHYBRIDR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_PROHYBRIDR_{E3B92295-785F-4FF7-8BE1-67E86F5F8140}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hebrew) 2007
"{90120000-006E-040D-0000-0000000FF1CE}_PROHYBRIDR_{C4FDF834-B4AF-4B5E-8901-5146204B58CC}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0816-0000-0000000FF1CE}_PROHYBRIDR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{ADC7E65C-63C5-34EA-E1A9-A6F85D094CC9}" = Catalyst Control Center Graphics Previews Vista
"{AE5553AA-1429-5618-2B44-82C7B3DA6ACC}" = CCC Help Danish
"{B20B3F6C-F56A-EFED-F806-BCBAECF4D3A9}" = CCC Help German
"{B7D7704F-7B56-54D4-1E4F-165EC7ABC5A2}" = CCC Help Norwegian
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C306FB81-7859-C9BB-7C63-5DCC53AD0706}" = CCC Help Russian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C67AFDF7-9A23-2D8D-6CE1-4F13796118C9}" = CCC Help Czech
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E2364C90-B2EB-0B43-2462-07F6D4EA3BE0}" = CCC Help Chinese Traditional
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EB4BB51C-88D4-5022-5CE9-47DF2A626F75}" = Catalyst Control Center Core Implementation
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.50.52
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F9FDA329-6CDA-BDBB-5B81-F5AF757BE969}" = Catalyst Control Center Localization All
"{FA9DA7C9-6CF8-25EB-87DE-E0411067E14C}" = CCC Help Dutch
"{FB74EE62-8513-682F-A55D-31B7A2205D2F}" = Catalyst Control Center Graphics Light
"{FCFEB590-8CCD-8171-69F4-EA19AEDD8A3A}" = CCC Help Spanish
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"EADM" = EA Download Manager
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"PROHYBRIDR" = 2007 Microsoft Office system
"RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 20.09.2010 17:55:43 | Computer Name = Steffi-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 20.09.2010 18:06:11 | Computer Name = Steffi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lpksetup.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc9cd  Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7600.16385,
 Zeitstempel: 0x4a5bdfbe  Ausnahmecode: 0x40000015  Fehleroffset: 0x000000000002aa8e
ID
 des fehlerhaften Prozesses: 0x165c  Startzeit der fehlerhaften Anwendung: 0x01cb590ec1952934
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\lpksetup.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\msvcrt.dll  Berichtskennung: 46bf8ee8-c503-11df-ba8c-485b3924b66e
 
Error - 22.09.2010 15:33:09 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 22.09.2010 15:33:09 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1358
 
Error - 22.09.2010 15:33:09 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1358
 
Error - 22.09.2010 15:33:10 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 22.09.2010 15:33:10 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2528
 
Error - 22.09.2010 15:33:10 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2528
 
Error - 22.09.2010 16:38:30 | Computer Name = Steffi-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 22.09.2010 16:41:43 | Computer Name = Steffi-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
[ System Events ]
Error - 21.09.2010 04:32:51 | Computer Name = Steffi-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "OS" den Befehl "chkdsk" aus.
 
Error - 21.09.2010 04:32:51 | Computer Name = Steffi-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 22.09.2010 09:12:34 | Computer Name = Steffi-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 23.09.2010 06:33:11 | Computer Name = Steffi-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 23.09.2010 06:33:11 | Computer Name = Steffi-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
 
Error - 24.09.2010 15:34:15 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Live ID Sign-in Assistant erreicht.
 
Error - 24.09.2010 15:34:15 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 30.09.2010 06:07:39 | Computer Name = Steffi-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
 
Error - 03.10.2010 07:25:19 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Media Player-Netzwerkfreigabedienst erreicht.
 
Error - 03.10.2010 07:25:19 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%1053
 
 
< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.10.2010 11:22:10 - Run 1
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Users\Steffi\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 29,12 Gb Free Space | 39,08% Space Free | Partition Type: NTFS
Drive D: | 208,92 Gb Total Space | 208,88 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
 
Computer Name: STEFFI-PC | User Name: Steffi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Steffi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Steffi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
SRV:64bit: - (TmProxy) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
SRV:64bit: - (SfCtlCom) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (tmxpflt) -- C:\Windows\SysNative\drivers\tmxpflt.sys (Trend Micro Inc.)
DRV:64bit: - (tmpreflt) -- C:\Windows\SysNative\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV:64bit: - (vsapint) -- C:\Windows\SysNative\drivers\vsapint.sys (Trend Micro Inc.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (s1018mdm) -- C:\Windows\SysNative\drivers\s1018mdm.sys (MCCI Corporation)
DRV:64bit: - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\SysNative\drivers\s1018unic.sys (MCCI Corporation)
DRV:64bit: - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s1018mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1018obex) -- C:\Windows\SysNative\drivers\s1018obex.sys (MCCI Corporation)
DRV:64bit: - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\SysNative\drivers\s1018bus.sys (MCCI Corporation)
DRV:64bit: - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\SysNative\drivers\s1018nd5.sys (MCCI Corporation)
DRV:64bit: - (s1018mdfl) -- C:\Windows\SysNative\drivers\s1018mdfl.sys (MCCI Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.20 20:01:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.20 20:01:55 | 000,000,000 | ---D | M]
 
[2010.06.22 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\mozilla\Extensions
[2010.10.10 11:29:40 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\7gyyq5x0.default\extensions
[2010.06.22 19:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\7gyyq5x0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.10 22:55:15 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-1.xml
[2010.07.22 12:53:43 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-2.xml
[2010.07.24 21:20:49 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-3.xml
[2010.07.30 03:26:52 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-4.xml
[2010.06.22 19:58:05 | 000,000,168 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin.gif
[2010.06.22 19:58:05 | 000,000,618 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin.src
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin.xml
[2010.06.22 20:24:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.06.22 20:24:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.20 20:01:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.20 20:01:49 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.20 20:01:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.20 20:01:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.20 20:01:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a5d8a7ce-9e39-11df-9e39-485b3924b66e}\Shell - "" = AutoRun
O33 - MountPoints2\{a5d8a7ce-9e39-11df-9e39-485b3924b66e}\Shell\AutoRun\command - "" = F:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.11 11:21:21 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\Steffi\Desktop\OTL.exe
[2010.10.07 21:27:06 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Malwarebytes
[2010.10.07 21:26:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.07 21:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.07 21:26:51 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.07 21:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.23 23:25:13 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Avira
[2010.09.14 19:04:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2010.09.12 12:46:53 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\CyberLink
[2010.09.11 11:36:49 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Local\Sony Ericsson
[2010.09.11 11:34:02 | 000,153,128 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018mdm.sys
[2010.09.11 11:34:02 | 000,146,472 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018unic.sys
[2010.09.11 11:34:02 | 000,133,160 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018mgmt.sys
[2010.09.11 11:34:02 | 000,128,552 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018obex.sys
[2010.09.11 11:34:02 | 000,034,856 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018nd5.sys
[2010.09.11 11:34:02 | 000,019,496 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018mdfl.sys
[2010.09.11 11:34:02 | 000,015,912 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018whnt.sys
[2010.09.11 11:34:02 | 000,015,912 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018wh.sys
[2010.09.11 11:34:02 | 000,014,888 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018cmnt.sys
[2010.09.11 11:34:02 | 000,014,888 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018cm.sys
[2010.09.11 11:34:02 | 000,013,864 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018cr.sys
[2010.09.11 11:34:01 | 000,113,704 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1018bus.sys
[2010.09.11 11:33:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010.09.11 11:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2008.08.12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.11 11:25:30 | 001,572,864 | -HS- | M] () -- C:\Users\Steffi\ntuser.dat
[2010.10.11 11:25:27 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010.10.11 11:25:24 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2010.10.11 11:21:25 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Steffi\Desktop\OTL.exe
[2010.10.11 11:12:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.11 10:54:57 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.11 10:54:57 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.11 10:47:36 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2010.10.11 10:47:24 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.11 10:47:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.11 10:47:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.11 10:47:06 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 00:50:59 | 003,315,985 | -H-- | M] () -- C:\Users\Steffi\AppData\Local\IconCache.db
[2010.10.07 21:26:59 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.24 18:14:08 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.09.23 23:23:43 | 000,684,954 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010.09.23 23:23:43 | 000,684,000 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2010.09.23 23:23:43 | 000,681,356 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2010.09.23 23:23:43 | 000,680,010 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2010.09.23 23:23:43 | 000,670,084 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2010.09.23 23:23:43 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.23 23:23:43 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.23 23:23:43 | 000,541,152 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2010.09.23 23:23:43 | 000,346,674 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2010.09.23 23:23:43 | 000,133,704 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2010.09.23 23:23:43 | 000,130,586 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2010.09.23 23:23:43 | 000,129,608 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2010.09.23 23:23:43 | 000,127,070 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010.09.23 23:23:43 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.23 23:23:43 | 000,124,006 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2010.09.23 23:23:43 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.23 23:23:43 | 000,085,920 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2010.09.23 23:23:43 | 000,066,274 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2010.09.23 23:23:42 | 006,543,560 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.11 16:15:04 | 000,001,762 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010.09.11 11:35:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.09.11 11:34:04 | 000,002,270 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.5.lnk
 
========== Files Created - No Company Name ==========
 
[2010.10.07 21:26:59 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.11 20:38:57 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2010.09.11 11:35:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.09.11 11:34:04 | 000,002,270 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.5.lnk
[2010.07.21 20:08:19 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.06.22 20:26:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.16 09:19:27 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.03.16 09:00:13 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.03.16 08:46:25 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010.03.16 08:45:52 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007.06.12 18:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2006.05.19 05:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00

< End of report >
         
--- --- ---


Alt 11.10.2010, 10:48   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
ATTFilter
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a5d8a7ce-9e39-11df-9e39-485b3924b66e}\Shell - "" = AutoRun
O33 - MountPoints2\{a5d8a7ce-9e39-11df-9e39-485b3924b66e}\Shell\AutoRun\command - "" = F:\Startme.exe -- File not found
[2010.10.11 11:25:27 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010.10.11 11:25:24 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2010.10.11 10:47:36 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2010.03.16 09:00:13 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.03.16 08:46:25 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010.03.16 08:45:52 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
--> TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?

Alt 11.10.2010, 11:16   #7
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Ich hoffe, es ist das richtige Logfile.
PC wurde neu gestartet.OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.10.2010 12:02:14 - Run 2
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Users\Steffi\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 29,88 Gb Free Space | 40,10% Space Free | Partition Type: NTFS
Drive D: | 208,92 Gb Total Space | 208,88 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
 
Computer Name: STEFFI-PC | User Name: Steffi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Steffi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Windows\SysWOW64\runonce.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Steffi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
SRV:64bit: - (TmProxy) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
SRV:64bit: - (SfCtlCom) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (tmxpflt) -- C:\Windows\SysNative\drivers\tmxpflt.sys (Trend Micro Inc.)
DRV:64bit: - (tmpreflt) -- C:\Windows\SysNative\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV:64bit: - (vsapint) -- C:\Windows\SysNative\drivers\vsapint.sys (Trend Micro Inc.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (s1018mdm) -- C:\Windows\SysNative\drivers\s1018mdm.sys (MCCI Corporation)
DRV:64bit: - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\SysNative\drivers\s1018unic.sys (MCCI Corporation)
DRV:64bit: - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s1018mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1018obex) -- C:\Windows\SysNative\drivers\s1018obex.sys (MCCI Corporation)
DRV:64bit: - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\SysNative\drivers\s1018bus.sys (MCCI Corporation)
DRV:64bit: - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\SysNative\drivers\s1018nd5.sys (MCCI Corporation)
DRV:64bit: - (s1018mdfl) -- C:\Windows\SysNative\drivers\s1018mdfl.sys (MCCI Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.20 20:01:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.20 20:01:55 | 000,000,000 | ---D | M]
 
[2010.06.22 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\mozilla\Extensions
[2010.10.11 11:45:35 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\7gyyq5x0.default\extensions
[2010.06.22 19:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\7gyyq5x0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.10 22:55:15 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-1.xml
[2010.07.22 12:53:43 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-2.xml
[2010.07.24 21:20:49 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-3.xml
[2010.07.30 03:26:52 | 000,000,950 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin-4.xml
[2010.06.22 19:58:05 | 000,000,168 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin.gif
[2010.06.22 19:58:05 | 000,000,618 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin.src
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Steffi\AppData\Roaming\Mozilla\FireFox\Profiles\7gyyq5x0.default\searchplugins\icqplugin.xml
[2010.06.22 20:24:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.06.22 20:24:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.20 20:01:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.20 20:01:49 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.20 20:01:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.20 20:01:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.20 20:01:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.10.11 11:53:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.11 11:53:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.11 11:21:21 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\Steffi\Desktop\OTL.exe
[2010.10.07 21:27:06 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Malwarebytes
[2010.10.07 21:26:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.07 21:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.07 21:26:51 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.07 21:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.23 23:25:13 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Avira
[2010.09.14 19:04:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2010.09.12 12:46:53 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\CyberLink
[2008.08.12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.11 12:05:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.11 12:05:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.11 12:00:24 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010.10.11 12:00:22 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.11 12:00:15 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2010.10.11 11:58:49 | 001,572,864 | -HS- | M] () -- C:\Users\Steffi\ntuser.dat
[2010.10.11 11:58:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.11 11:57:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.11 11:57:49 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 11:57:03 | 003,317,201 | -H-- | M] () -- C:\Users\Steffi\AppData\Local\IconCache.db
[2010.10.11 11:53:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.10.11 11:21:25 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Steffi\Desktop\OTL.exe
[2010.10.11 11:12:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.07 21:26:59 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.24 18:14:08 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.09.23 23:23:43 | 000,684,954 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010.09.23 23:23:43 | 000,684,000 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2010.09.23 23:23:43 | 000,681,356 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2010.09.23 23:23:43 | 000,680,010 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2010.09.23 23:23:43 | 000,670,084 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2010.09.23 23:23:43 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.23 23:23:43 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.23 23:23:43 | 000,541,152 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2010.09.23 23:23:43 | 000,346,674 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2010.09.23 23:23:43 | 000,133,704 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2010.09.23 23:23:43 | 000,130,586 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2010.09.23 23:23:43 | 000,129,608 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2010.09.23 23:23:43 | 000,127,070 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010.09.23 23:23:43 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.23 23:23:43 | 000,124,006 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2010.09.23 23:23:43 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.23 23:23:43 | 000,085,920 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2010.09.23 23:23:43 | 000,066,274 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2010.09.23 23:23:42 | 006,543,560 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.11 16:15:04 | 000,001,762 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
 
========== Files Created - No Company Name ==========
 
[2010.10.07 21:26:59 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.21 20:08:19 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.06.22 20:26:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.16 09:19:27 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007.06.12 18:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2006.05.19 05:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

< End of report >
         
--- --- ---

Alt 11.10.2010, 19:21   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur eine Sekunde.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.10.2010, 19:56   #9
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer INC.
System Product Name: K50AF
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 175):
0x02A1C000 \SystemRoot\system32\ntoskrnl.exe
0x02FF8000 \SystemRoot\system32\hal.dll
0x00BBE000 \SystemRoot\system32\kdcom.dll
0x00CB9000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00CC6000 \SystemRoot\system32\PSHED.dll
0x00CDA000 \SystemRoot\system32\CLFS.SYS
0x00D38000 \SystemRoot\system32\CI.dll
0x00C00000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00CA4000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00E25000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00E7C000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00E85000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00E8F000 \SystemRoot\system32\DRIVERS\pci.sys
0x00EC2000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00ECF000 \SystemRoot\System32\drivers\partmgr.sys
0x00EE4000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00EED000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00EF9000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00F0E000 \SystemRoot\System32\drivers\volmgrx.sys
0x00F6A000 \SystemRoot\system32\drivers\pciide.sys
0x00F71000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00F81000 \SystemRoot\System32\drivers\mountmgr.sys
0x00F9B000 \SystemRoot\system32\DRIVERS\atapi.sys
0x00FA4000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x00FCE000 \SystemRoot\system32\DRIVERS\msahci.sys
0x00FD9000 \SystemRoot\system32\DRIVERS\amdsata.sys
0x01018000 \SystemRoot\system32\DRIVERS\storport.sys
0x0107A000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01085000 \SystemRoot\system32\drivers\fltmgr.sys
0x010D1000 \SystemRoot\system32\drivers\fileinfo.sys
0x010E5000 \SystemRoot\system32\DRIVERS\lullaby.sys
0x0124D000 \SystemRoot\System32\Drivers\Ntfs.sys
0x010EE000 \SystemRoot\System32\Drivers\msrpc.sys
0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0114C000 \SystemRoot\System32\Drivers\cng.sys
0x0121A000 \SystemRoot\System32\drivers\pcw.sys
0x0122B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x014B4000 \SystemRoot\system32\drivers\ndis.sys
0x01400000 \SystemRoot\system32\drivers\NETIO.SYS
0x01460000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01601000 \SystemRoot\System32\drivers\tcpip.sys
0x015A6000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01876000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x018C2000 \SystemRoot\System32\Drivers\spldr.sys
0x018CA000 \SystemRoot\System32\drivers\rdyboost.sys
0x01904000 \SystemRoot\System32\Drivers\mup.sys
0x01916000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0191F000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01959000 \SystemRoot\system32\DRIVERS\disk.sys
0x0196F000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0199F000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x01800000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0182A000 \SystemRoot\System32\Drivers\Null.SYS
0x01833000 \SystemRoot\System32\Drivers\Beep.SYS
0x0183A000 \SystemRoot\System32\drivers\vga.sys
0x01848000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x019E6000 \SystemRoot\System32\drivers\watchdog.sys
0x019F6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0186D000 \SystemRoot\system32\drivers\rdpencdd.sys
0x015F0000 \SystemRoot\system32\drivers\rdprefmp.sys
0x0148B000 \SystemRoot\System32\Drivers\Msfs.SYS
0x01496000 \SystemRoot\System32\Drivers\Npfs.SYS
0x011BF000 \SystemRoot\system32\DRIVERS\tdx.sys
0x014A7000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02CAE000 \SystemRoot\system32\drivers\afd.sys
0x02D38000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02D7D000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02D86000 \SystemRoot\system32\DRIVERS\pacer.sys
0x02DAC000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x02DC2000 \SystemRoot\system32\DRIVERS\netbios.sys
0x02DD1000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02C00000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x02C1D000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02C31000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02C82000 \SystemRoot\system32\drivers\nsiproxy.sys
0x02C8E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02C99000 \SystemRoot\System32\drivers\discache.sys
0x011DD000 \SystemRoot\System32\Drivers\dfsc.sys
0x02DEC000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x00E00000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x03A2B000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x03A51000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x03C16000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x04252000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04346000 \SystemRoot\System32\drivers\dxgmms1.sys
0x0438C000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x03A66000 \SystemRoot\system32\DRIVERS\athrx.sys
0x043C5000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x043D2000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x043DF000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x04471000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x044C7000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x044D3000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x044E4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x04508000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x04526000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0x0452E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x0453D000 \SystemRoot\system32\DRIVERS\ETD.sys
0x0455F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x0456E000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04573000 \SystemRoot\system32\DRIVERS\ATK64AMD.sys
0x0457B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x0458B000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x045A1000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x045C5000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x045D1000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04400000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0441B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x0443C000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04456000 \SystemRoot\system32\DRIVERS\swenum.sys
0x048FF000 \SystemRoot\system32\DRIVERS\ks.sys
0x04942000 \SystemRoot\system32\DRIVERS\umbus.sys
0x04954000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x049AE000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0580B000 \SystemRoot\system32\drivers\viahduaa.sys
0x0599F000 \SystemRoot\system32\drivers\portcls.sys
0x059DC000 \SystemRoot\system32\drivers\drmk.sys
0x05800000 \SystemRoot\system32\drivers\ksthunk.sys
0x049C3000 \SystemRoot\System32\Drivers\crashdmp.sys
0x049D1000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x049DB000 \SystemRoot\System32\Drivers\dump_amdsata.sys
0x04800000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x04813000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05806000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x00060000 \SystemRoot\System32\win32k.sys
0x04830000 \SystemRoot\System32\drivers\Dxapi.sys
0x05A42000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
0x05A00000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x05A11000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
0x05A1A000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00530000 \SystemRoot\System32\TSDDD.dll
0x00770000 \SystemRoot\System32\cdd.dll
0x0483C000 \SystemRoot\system32\drivers\luafv.sys
0x0485F000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x05A28000 \SystemRoot\system32\DRIVERS\tmpreflt.sys
0x02609000 \SystemRoot\system32\DRIVERS\vsapint.sys
0x0487C000 \SystemRoot\system32\DRIVERS\tmxpflt.sys
0x048D3000 \SystemRoot\system32\drivers\WudfPf.sys
0x04458000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x034F4000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x03547000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x0355A000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03572000 \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys
0x03400000 \SystemRoot\system32\drivers\HTTP.sys
0x034C8000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03579000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03591000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x05C2E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x05C7C000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x05C9F000 \SystemRoot\system32\drivers\peauth.sys
0x05D45000 \SystemRoot\System32\Drivers\secdrv.SYS
0x05D50000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x05D7D000 \SystemRoot\System32\drivers\tcpipreg.sys
0x05D8F000 \SystemRoot\System32\DRIVERS\srv2.sys
0x064AB000 \SystemRoot\System32\DRIVERS\srv.sys
0x06541000 \SystemRoot\System32\Drivers\fastfat.SYS
0x06577000 \SystemRoot\system32\drivers\spsys.sys
0x76EB0000 \Windows\System32\ntdll.dll
0x47DD0000 \Windows\System32\smss.exe
0xFF1D0000 \Windows\System32\apisetschema.dll
0xFF970000 \Windows\System32\autochk.exe
0xFEFE0000 \Windows\System32\setupapi.dll
0xFEEB0000 \Windows\System32\rpcrt4.dll
0xFEDE0000 \Windows\System32\usp10.dll
0xFED60000 \Windows\System32\shlwapi.dll
0xFEC50000 \Windows\System32\msctf.dll
0x76DB0000 \Windows\System32\user32.dll
0xFEBB0000 \Windows\System32\msvcrt.dll
0xFEB60000 \Windows\System32\ws2_32.dll
0x76C90000 \Windows\System32\kernel32.dll
0xFEA30000 \Windows\System32\wininet.dll
0xFEA10000 \Windows\System32\imagehlp.dll
0xFE890000 \Windows\System32\urlmon.dll
0xFE860000 \Windows\System32\imm32.dll
0x77080000 \Windows\System32\normaliz.dll

Processes (total 88):
0 System Idle Process
4 System

Alt 11.10.2010, 20:26   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Log ist unvollständig
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.10.2010, 20:30   #11
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Sorry, war zu voreilig.

Hier nochmal:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer INC.
System Product Name: K50AF
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 175):
0x02A1C000 \SystemRoot\system32\ntoskrnl.exe
0x02FF8000 \SystemRoot\system32\hal.dll
0x00BBE000 \SystemRoot\system32\kdcom.dll
0x00CB9000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00CC6000 \SystemRoot\system32\PSHED.dll
0x00CDA000 \SystemRoot\system32\CLFS.SYS
0x00D38000 \SystemRoot\system32\CI.dll
0x00C00000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00CA4000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00E25000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00E7C000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00E85000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00E8F000 \SystemRoot\system32\DRIVERS\pci.sys
0x00EC2000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00ECF000 \SystemRoot\System32\drivers\partmgr.sys
0x00EE4000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00EED000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00EF9000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00F0E000 \SystemRoot\System32\drivers\volmgrx.sys
0x00F6A000 \SystemRoot\system32\drivers\pciide.sys
0x00F71000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00F81000 \SystemRoot\System32\drivers\mountmgr.sys
0x00F9B000 \SystemRoot\system32\DRIVERS\atapi.sys
0x00FA4000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x00FCE000 \SystemRoot\system32\DRIVERS\msahci.sys
0x00FD9000 \SystemRoot\system32\DRIVERS\amdsata.sys
0x01018000 \SystemRoot\system32\DRIVERS\storport.sys
0x0107A000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01085000 \SystemRoot\system32\drivers\fltmgr.sys
0x010D1000 \SystemRoot\system32\drivers\fileinfo.sys
0x010E5000 \SystemRoot\system32\DRIVERS\lullaby.sys
0x0124D000 \SystemRoot\System32\Drivers\Ntfs.sys
0x010EE000 \SystemRoot\System32\Drivers\msrpc.sys
0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0114C000 \SystemRoot\System32\Drivers\cng.sys
0x0121A000 \SystemRoot\System32\drivers\pcw.sys
0x0122B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x014B4000 \SystemRoot\system32\drivers\ndis.sys
0x01400000 \SystemRoot\system32\drivers\NETIO.SYS
0x01460000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01601000 \SystemRoot\System32\drivers\tcpip.sys
0x015A6000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01876000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x018C2000 \SystemRoot\System32\Drivers\spldr.sys
0x018CA000 \SystemRoot\System32\drivers\rdyboost.sys
0x01904000 \SystemRoot\System32\Drivers\mup.sys
0x01916000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0191F000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01959000 \SystemRoot\system32\DRIVERS\disk.sys
0x0196F000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0199F000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x01800000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0182A000 \SystemRoot\System32\Drivers\Null.SYS
0x01833000 \SystemRoot\System32\Drivers\Beep.SYS
0x0183A000 \SystemRoot\System32\drivers\vga.sys
0x01848000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x019E6000 \SystemRoot\System32\drivers\watchdog.sys
0x019F6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0186D000 \SystemRoot\system32\drivers\rdpencdd.sys
0x015F0000 \SystemRoot\system32\drivers\rdprefmp.sys
0x0148B000 \SystemRoot\System32\Drivers\Msfs.SYS
0x01496000 \SystemRoot\System32\Drivers\Npfs.SYS
0x011BF000 \SystemRoot\system32\DRIVERS\tdx.sys
0x014A7000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02CAE000 \SystemRoot\system32\drivers\afd.sys
0x02D38000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02D7D000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02D86000 \SystemRoot\system32\DRIVERS\pacer.sys
0x02DAC000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x02DC2000 \SystemRoot\system32\DRIVERS\netbios.sys
0x02DD1000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02C00000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x02C1D000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02C31000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02C82000 \SystemRoot\system32\drivers\nsiproxy.sys
0x02C8E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02C99000 \SystemRoot\System32\drivers\discache.sys
0x011DD000 \SystemRoot\System32\Drivers\dfsc.sys
0x02DEC000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x00E00000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x03A2B000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x03A51000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x03C16000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x04252000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04346000 \SystemRoot\System32\drivers\dxgmms1.sys
0x0438C000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x03A66000 \SystemRoot\system32\DRIVERS\athrx.sys
0x043C5000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x043D2000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x043DF000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x04471000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x044C7000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x044D3000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x044E4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x04508000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x04526000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0x0452E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x0453D000 \SystemRoot\system32\DRIVERS\ETD.sys
0x0455F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x0456E000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04573000 \SystemRoot\system32\DRIVERS\ATK64AMD.sys
0x0457B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x0458B000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x045A1000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x045C5000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x045D1000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04400000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0441B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x0443C000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04456000 \SystemRoot\system32\DRIVERS\swenum.sys
0x048FF000 \SystemRoot\system32\DRIVERS\ks.sys
0x04942000 \SystemRoot\system32\DRIVERS\umbus.sys
0x04954000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x049AE000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0580B000 \SystemRoot\system32\drivers\viahduaa.sys
0x0599F000 \SystemRoot\system32\drivers\portcls.sys
0x059DC000 \SystemRoot\system32\drivers\drmk.sys
0x05800000 \SystemRoot\system32\drivers\ksthunk.sys
0x049C3000 \SystemRoot\System32\Drivers\crashdmp.sys
0x049D1000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x049DB000 \SystemRoot\System32\Drivers\dump_amdsata.sys
0x04800000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x04813000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05806000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x00060000 \SystemRoot\System32\win32k.sys
0x04830000 \SystemRoot\System32\drivers\Dxapi.sys
0x05A42000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
0x05A00000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x05A11000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
0x05A1A000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00530000 \SystemRoot\System32\TSDDD.dll
0x00770000 \SystemRoot\System32\cdd.dll
0x0483C000 \SystemRoot\system32\drivers\luafv.sys
0x0485F000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x05A28000 \SystemRoot\system32\DRIVERS\tmpreflt.sys
0x02609000 \SystemRoot\system32\DRIVERS\vsapint.sys
0x0487C000 \SystemRoot\system32\DRIVERS\tmxpflt.sys
0x048D3000 \SystemRoot\system32\drivers\WudfPf.sys
0x04458000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x034F4000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x03547000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x0355A000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03572000 \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys
0x03400000 \SystemRoot\system32\drivers\HTTP.sys
0x034C8000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03579000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03591000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x05C2E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x05C7C000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x05C9F000 \SystemRoot\system32\drivers\peauth.sys
0x05D45000 \SystemRoot\System32\Drivers\secdrv.SYS
0x05D50000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x05D7D000 \SystemRoot\System32\drivers\tcpipreg.sys
0x05D8F000 \SystemRoot\System32\DRIVERS\srv2.sys
0x064AB000 \SystemRoot\System32\DRIVERS\srv.sys
0x06541000 \SystemRoot\System32\Drivers\fastfat.SYS
0x065F0000 \SystemRoot\system32\drivers\MSPQM.sys
0x76EB0000 \Windows\System32\ntdll.dll
0x47DD0000 \Windows\System32\smss.exe
0xFF1D0000 \Windows\System32\apisetschema.dll
0xFF970000 \Windows\System32\autochk.exe
0xFEFE0000 \Windows\System32\setupapi.dll
0xFEEB0000 \Windows\System32\rpcrt4.dll
0xFEDE0000 \Windows\System32\usp10.dll
0xFED60000 \Windows\System32\shlwapi.dll
0xFEC50000 \Windows\System32\msctf.dll
0x76DB0000 \Windows\System32\user32.dll
0xFEBB0000 \Windows\System32\msvcrt.dll
0xFEB60000 \Windows\System32\ws2_32.dll
0x76C90000 \Windows\System32\kernel32.dll
0xFEA30000 \Windows\System32\wininet.dll
0xFEA10000 \Windows\System32\imagehlp.dll
0xFE890000 \Windows\System32\urlmon.dll
0xFE860000 \Windows\System32\imm32.dll
0x77080000 \Windows\System32\normaliz.dll

Processes (total 82):
0 System Idle Process
4 System
268 C:\Windows\System32\smss.exe
348 csrss.exe
412 C:\Windows\System32\wininit.exe
424 csrss.exe
472 C:\Windows\System32\winlogon.exe
520 C:\Windows\System32\services.exe
528 C:\Windows\System32\lsass.exe
536 C:\Windows\System32\lsm.exe
636 C:\Windows\System32\svchost.exe
760 C:\Windows\System32\svchost.exe
808 C:\Windows\System32\atiesrxx.exe
880 C:\Windows\System32\svchost.exe
940 C:\Windows\System32\svchost.exe
968 C:\Windows\System32\svchost.exe
296 C:\Windows\System32\svchost.exe
1112 C:\Windows\System32\svchost.exe
1160 C:\Windows\System32\atieclxx.exe
1292 C:\Windows\System32\FBAgent.exe
1332 C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
1364 C:\Program Files\ATKGFNEX\GFNEXSrv.exe
1432 C:\Windows\System32\spoolsv.exe
1460 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1508 C:\Windows\System32\svchost.exe
1780 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1808 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1828 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1880 C:\Windows\System32\svchost.exe
1956 C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
1972 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
1988 C:\Windows\System32\conhost.exe
1680 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2000 C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
2032 C:\Windows\System32\svchost.exe
2060 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2436 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2548 C:\Windows\System32\taskhost.exe
2604 C:\Windows\System32\dwm.exe
2624 C:\Windows\explorer.exe
2660 C:\Windows\System32\taskeng.exe
2736 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
2756 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2816 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2864 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
2884 C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
2932 C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2952 C:\Program Files\P4G\BatteryLife.exe
2076 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2104 C:\Program Files\Elantech\ETDCtrl.exe
284 C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
2212 C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
2460 C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
2780 C:\Windows\SysWOW64\ACEngSvr.exe
3056 C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
3216 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
3424 C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
3432 C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
3440 C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
3452 C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
3460 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3484 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3492 C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
3508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3532 C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
3548 C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
3788 C:\Windows\System32\SearchIndexer.exe
3892 C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
4196 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
4324 C:\Program Files\iPod\bin\iPodService.exe
4616 C:\Program Files\Windows Media Player\wmpnetwk.exe
4188 C:\Windows\AsScrPro.exe
196 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
420 C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
5052 C:\Program Files\Trend Micro\BM\TMBMSRV.exe
1556 C:\Windows\System32\svchost.exe
2536 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
3360 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
3760 C:\Windows\System32\audiodg.exe
2404 C:\Users\Steffi\Desktop\MBRCheck.exe
3128 C:\Windows\System32\conhost.exe
2356 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`a962f000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000016`4aaf6e00 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545032B9A300, Rev: PB3OC60N

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

Alt 11.10.2010, 20:39   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.10.2010, 01:03   #13
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4796

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.10.2010 01:14:01
mbam-log-2010-10-12 (01-14-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 369614
Laufzeit: 2 Stunde(n), 40 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)




SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/12/2010 at 01:59 AM

Application Version : 4.44.1000

Core Rules Database Version : 5667
Trace Rules Database Version: 3479

Scan type : Complete Scan
Total Scan Time : 03:03:10

Memory items scanned : 821
Memory threats detected : 0
Registry items scanned : 13146
Registry threats detected : 0
File items scanned : 237899
File threats detected : 15

Adware.Tracking Cookie
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@tradedoubler[2].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@content.yieldmanager[1].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@ar.atwola[2].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@ad.yieldmanager[2].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@atwola[2].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@content.yieldmanager[3].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@ad2.adfarm1.adition[1].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@eaeacom.112.2o7[1].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@adfarm1.adition[1].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@zanox[1].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@doubleclick[1].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@imrworldwide[2].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@adserver.traffictrack[2].txt
C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Cookies\steffi@webmasterplan[2].txt
imagesrv.adition.com [ C:\Users\Steffi\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\RFUKCLYS ]

Alt 12.10.2010, 11:06   #14
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Kann ich die 15 Dateien nun einfach aus der Quarantäne löschen?

Alt 12.10.2010, 23:49   #15
Stern1710
 
TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Standard

TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?



Neue Meldung nach Hochfahren:
Trojanisches Pferd TR/Crypt.XPACK.Gen in C:\Users\Steffi\AppData\Local\Temp\EADE1E5.exe gefunden

Antwort

Themen zu TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?
adobe, antivir, antivir guard, asus, avg, avira, bho, bonjour, desktop, excel, explorer, google, hijackthis, internet, internet explorer, microsoft, programdata, programme, proxy, scan, security, security scan, software, syswow64, tr/crypt.xpack.ge, tr/crypt.xpack.gen, trojaner, trojaner tr/crypt.xpack.gen, vdeck.exe, windows, wmp



Ähnliche Themen: TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?


  1. avira findet : tr/crypt.zpack.36522 ,tr/crypt.xpack.gen ,adware/installcore.gen
    Plagegeister aller Art und deren Bekämpfung - 06.01.2014 (4)
  2. TR/Crypt.EPACK.Gen8, TR/Crypt.XPACK.Gen, TR/Vcaredrix.A.3 und einige EXP/CVE-xx, EXP/2010-xx Viren.
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (7)
  3. TR/Crypt.XPACK.Gen, TR/Sirefef.BV.2, TR/Crypt.XPACK.Gen3, TR/PSW.Karagany.A.73
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (2)
  4. Trojaner TR/Crypt.XPACK.Gen2 - Was ist das und wie bekomme ich ihn weg?
    Plagegeister aller Art und deren Bekämpfung - 07.02.2012 (34)
  5. W32/Induc.A, TR/Dropper.Gen, TR/Crypt.ZPACK.Gen, TR/Crypt.XPACK.Gen3 gefunden - wie entfernen
    Plagegeister aller Art und deren Bekämpfung - 01.12.2010 (5)
  6. Bin mit TR/Crypt.XPACK.Gen3 infiziert, wie bekomme ich den weg?
    Log-Analyse und Auswertung - 18.10.2010 (5)
  7. TR/Crypt.XPACK.Gen3 - nach formatierung von C: TR/Crypt.XPACK.Gen2 gefunden
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (9)
  8. TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (4)
  9. Befall mit TR/Crypt.XPACK.Gen und TR/Crypt.XPACK.Gen3
    Plagegeister aller Art und deren Bekämpfung - 21.09.2010 (23)
  10. TR/Dropper.gen und TR/Crypt.XPACK.Gen und TR/Crypt.XPACK.Gen2 und TR/Dldr.Agent.cxyf.3
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (32)
  11. tr\crypt.xpack.gen2 und tr\crypt.xpack.gen
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (4)
  12. TR/dldr.swizzor.gen2, TR/crypt.xpack.gen, TR/crypt.zpack.gen unter Windows XP
    Plagegeister aller Art und deren Bekämpfung - 16.06.2010 (15)
  13. Heftiger Trojaner Befall Crypt.XPACK.Gen/Click.YABECTOR.B.1/ Crypt.PEPM.Gen
    Log-Analyse und Auswertung - 28.12.2009 (1)
  14. TR/Vundo.Gen und TR/crypt.xpack.gen , wie bekomme ich beides wieder los?
    Plagegeister aller Art und deren Bekämpfung - 11.08.2008 (1)
  15. TR/Vundo.Gen und TR/crypt.xpack.gen , wie bekomme ich beides wieder los?
    Mülltonne - 11.08.2008 (0)
  16. TR/Crypt.XPACK.Gen - bekomme ihn nicht von meinem System
    Plagegeister aller Art und deren Bekämpfung - 20.03.2008 (22)
  17. Trojanisches Pferd TR/Crypt.XPACK.Gen , bekomme diesen Trojaner nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 04.10.2007 (4)

Zum Thema TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? - Hallo, ich habe vor etwa 3 Tagen von Antivir beim Hochfahren meines Laptops angezeigt bekommen, dass sich der Trojaner TR/Crypt.XPACK.Gen eingenistet hat. Habe ihn zuerst in die Quarantäne bei Antivir - TR/Crypt.XPack.Gen - wie bekomme ich ihn weg?...
Archiv
Du betrachtest: TR/Crypt.XPack.Gen - wie bekomme ich ihn weg? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.