Submit Your Article Forum Rules FAQ About Us
Search the forums:

Tech Support Team

Join Now!Nav Seperator FAQNav Seperator GalleryNav Seperator TutorialsNav Seperator BlogNav Seperator SearchNav Seperator Today's PostsNav Seperator Mark Forums ReadNav Seperator Navigation Right

Hello and Welcome to Tech Support Team! Before you can start posting and answering questions, you'll have to register. Registration is fast, simple and absolutely free! Feel free to browse through existing questions by choosing the forum you want to visit below.


Tech Support Team » Malware Removal & Security » Malware Removal » Removing TR/Crypt.ZPACK.Gen

Notices
Before creating a new thread, we ask that you please read our Removal guide first: Malware Removal Guide - Read Before Posting. We also advise you reading this thread before continuing: P2P programs - please remove before posting for help

NOTE: NEVER follow someone elses fix. Just because the symptoms may appear to be the same, it does NOT mean your system has the same malware infection. ALWAYS start a new thread so that a member of our Security Team can take you through the steps of cleaning your computer.

Reply
Thread Tools
 
  #1 (permalink)   Top
Old 25th December 2009, 03:17 PM
kelseyma1's Avatar
Newcomer
  
Join Date: Dec 2009, 0 posts.
Reputation: kelseyma1 is on a distinguished road
Removing TR/Crypt.ZPACK.Gen
I've done Avira Antivir scans and malware bytes...neither one will remove it, Avira can find it but won't quarantine or delete it. Here is my Avira Antivir log...


Avira AntiVir Personal
Report file date: Friday, December 25, 2009 09:43

Scanning for 1473402 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : LENOVO-0304B52A

Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 12/2/2009 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 12/9/2009 03:49:06
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 18:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 19:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 18:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 22:44:40
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 22:44:58
VBASE002.VDF : 7.10.1.1 2048 Bytes 11/19/2009 22:44:59
VBASE003.VDF : 7.10.1.2 2048 Bytes 11/19/2009 22:44:59
VBASE004.VDF : 7.10.1.3 2048 Bytes 11/19/2009 22:44:59
VBASE005.VDF : 7.10.1.4 2048 Bytes 11/19/2009 22:44:59
VBASE006.VDF : 7.10.1.5 2048 Bytes 11/19/2009 22:44:59
VBASE007.VDF : 7.10.1.6 2048 Bytes 11/19/2009 22:44:59
VBASE008.VDF : 7.10.1.7 2048 Bytes 11/19/2009 22:44:59
VBASE009.VDF : 7.10.1.8 2048 Bytes 11/19/2009 22:44:59
VBASE010.VDF : 7.10.1.9 2048 Bytes 11/19/2009 22:45:00
VBASE011.VDF : 7.10.1.10 2048 Bytes 11/19/2009 22:45:00
VBASE012.VDF : 7.10.1.11 2048 Bytes 11/19/2009 22:45:00
VBASE013.VDF : 7.10.1.79 209920 Bytes 11/25/2009 02:36:37
VBASE014.VDF : 7.10.1.128 197632 Bytes 11/30/2009 03:42:41
VBASE015.VDF : 7.10.1.178 195584 Bytes 12/7/2009 03:48:46
VBASE016.VDF : 7.10.1.224 183296 Bytes 12/14/2009 03:56:44
VBASE017.VDF : 7.10.1.247 182272 Bytes 12/15/2009 03:56:45
VBASE018.VDF : 7.10.2.30 198144 Bytes 12/21/2009 03:56:52
VBASE019.VDF : 7.10.2.31 2048 Bytes 12/21/2009 03:56:52
VBASE020.VDF : 7.10.2.32 2048 Bytes 12/21/2009 03:56:53
VBASE021.VDF : 7.10.2.33 2048 Bytes 12/21/2009 03:56:53
VBASE022.VDF : 7.10.2.34 2048 Bytes 12/21/2009 03:56:53
VBASE023.VDF : 7.10.2.35 2048 Bytes 12/21/2009 03:56:53
VBASE024.VDF : 7.10.2.36 2048 Bytes 12/21/2009 03:56:54
VBASE025.VDF : 7.10.2.37 2048 Bytes 12/21/2009 03:56:54
VBASE026.VDF : 7.10.2.38 2048 Bytes 12/21/2009 03:56:54
VBASE027.VDF : 7.10.2.39 2048 Bytes 12/21/2009 03:56:54
VBASE028.VDF : 7.10.2.40 2048 Bytes 12/21/2009 03:56:54
VBASE029.VDF : 7.10.2.41 2048 Bytes 12/21/2009 03:56:55
VBASE030.VDF : 7.10.2.42 2048 Bytes 12/21/2009 03:56:55
VBASE031.VDF : 7.10.2.60 187392 Bytes 12/24/2009 04:07:56
Engineversion : 8.2.1.122
AEVDF.DLL : 8.1.1.2 106867 Bytes 10/8/2009 03:48:08
AESCRIPT.DLL : 8.1.3.4 586105 Bytes 12/22/2009 03:57:24
AESCN.DLL : 8.1.3.0 127348 Bytes 12/11/2009 03:48:52
AESBX.DLL : 8.1.1.1 246132 Bytes 11/24/2009 22:45:13
AERDL.DLL : 8.1.3.4 479605 Bytes 12/1/2009 03:42:59
AEPACK.DLL : 8.2.0.3 422261 Bytes 11/5/2009 23:39:23
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 7/23/2009 17:59:39
AEHEUR.DLL : 8.1.0.189 2195833 Bytes 12/22/2009 03:57:20
AEHELP.DLL : 8.1.9.0 237943 Bytes 12/17/2009 03:56:50
AEGEN.DLL : 8.1.1.82 369014 Bytes 12/22/2009 03:57:01
AEEMU.DLL : 8.1.1.0 393587 Bytes 10/8/2009 03:47:25
AECORE.DLL : 8.1.9.1 180598 Bytes 12/11/2009 03:48:51
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 22:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 16:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 12/9/2009 03:49:06
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 22:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 18:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 23:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 18:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 23:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 16:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 18:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 23:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 12/9/2009 03:49:06

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Friday, December 25, 2009 09:43

Starting search for hidden objects.
'38682' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'UpdateMonitor.exe' - '1' Module(s) have been scanned
Scan process 'tvtsched.exe' - '1' Module(s) have been scanned
Scan process 'rrservice.exe' - '1' Module(s) have been scanned
Scan process 'rrpservice.exe' - '1' Module(s) have been scanned
Scan process 'tvt_reg_monitor_svc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PMSveH.exe' - '1' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'FnF5svc.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ApntEx.exe' - '1' Module(s) have been scanned
Scan process 'ApMsgFwd.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'aim.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'Amsg.exe' - '1' Module(s) have been scanned
Scan process 'LPMGR.EXE' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'scheduler_proxy.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'SmAudio.exe' - '1' Module(s) have been scanned
Scan process 'TpWAudAp.exe' - '1' Module(s) have been scanned
Scan process 'tpfnf7sp.exe' - '1' Module(s) have been scanned
Scan process 'Apoint.exe' - '1' Module(s) have been scanned
Scan process 'PMHandler.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '58' files ).


Starting the file scan:

Begin scan in 'C:\' <Preload>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\WINDOWS\Temp\smnw.tmp\svchost.VIR
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan

Beginning disinfection:
C:\WINDOWS\Temp\smnw.tmp\svchost.VIR
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4b97d7da.qua'!


End of the scan: Friday, December 25, 2009 10:16
Used time: 32:57 Minute(s)

The scan has been done completely.

6425 Scanned directories
259514 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
259511 Files not concerned
8609 Archives were scanned
2 Warnings
3 Notes
38682 Objects were scanned with rootkit scan
0 Hidden objects were found
Reply With Quote
Reply

Only registered members can participate in forum threads. You must register or log in to contribute.


« Previous Thread | Next Thread »
Thread Tools

Forum Jump


All times are GMT. The time now is 09:21 AM.

Contact Us - Tech Support Team - Terms of Service - Top


Member Login
Forgot Password?



Post A Question!
Useful Links
Main Menu
Home
Forum Rules
FAQ
About Us
Welcome Pack
Search the forums
TST Mobile
Contact Us
Send Message

These are the 18 most used thread tags
Tag Cloud
32-bit cat drivers geforce hardware intel gfxui mobile 4 chipset driers modem monitor network no ring response no signal nvidia soft modem software wifi win7 windows 7
Copyright © Tech Support Team, Inc. All rights reserved.
TechSupportTeam.org is an Privacy Policy and Legal Powered by vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 ©2008, Crawlability, Inc.