Nun aber
Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 12-03-01.02 - duN 02.03.2012 14:44:08.2.3 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3071.2097 [GMT 1:00]
ausgeführt von:: c:\users\duN\Desktop\ComboFix.exe
AV: G Data AntiVirus 2012 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
SP: G Data AntiVirus 2012 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\WireHelpSvc.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WireHelpSvc
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-02 bis 2012-03-02 ))))))))))))))))))))))))))))))
.
.
2012-03-02 13:49 . 2012-03-02 13:52 -------- d-----w- c:\users\duN\AppData\Local\temp
2012-03-01 20:16 . 2012-03-01 20:16 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-02-27 21:08 . 2012-02-27 21:08 -------- d-----w- c:\program files\ESET
2012-02-27 18:46 . 2012-02-27 18:46 -------- d-----w- c:\users\miniduN\AppData\Roaming\OpenOffice.org
2012-02-27 18:44 . 2012-02-27 18:44 -------- d-----w- c:\program files\Common Files\Java
2012-02-27 18:44 . 2012-02-27 18:44 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2012-02-27 18:44 . 2012-02-27 18:44 -------- d-----w- c:\program files\Java
2012-02-27 18:41 . 2012-02-27 18:41 -------- d-----w- c:\program files\OpenOffice
2012-02-25 12:26 . 2012-02-25 12:26 -------- d-----w- c:\programdata\ATI
2012-02-25 12:26 . 2012-02-25 12:26 -------- d-----w- c:\program files\AMD APP
2012-02-25 12:19 . 2012-02-25 12:19 -------- d-----w- C:\AMD
2012-02-23 11:18 . 2012-03-01 14:39 -------- d-----w- c:\users\miniduN\AppData\Roaming\uTorrent
2012-02-16 22:42 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 22:42 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 22:42 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 22:42 . 2012-01-14 03:35 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-02-08 17:53 . 2012-02-08 17:53 -------- d-----w- c:\users\miniduN\AppData\Roaming\Miranda
2012-02-06 15:31 . 2012-02-06 15:31 -------- d-----w- c:\users\duN\AppData\Roaming\Miranda
2012-02-06 15:30 . 2012-02-06 15:30 -------- d-----w- c:\program files\Miranda IM
2012-02-02 19:25 . 2012-02-02 19:25 -------- d-----w- c:\users\duN\AppData\Roaming\OpenCandy
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-01 21:29 . 2011-11-07 01:20 30256 ----a-w- c:\windows\system32\drivers\GRD.sys
2012-02-27 18:44 . 2011-11-07 02:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-17 03:40 . 2011-11-07 02:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 04:10 . 2011-11-07 00:51 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-24 12:50 . 2011-11-19 15:02 836496 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2011-12-29 19:19 . 2011-11-07 03:03 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-10 14:24 . 2011-11-07 02:32 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-06 03:44 . 2011-12-06 03:44 9067008 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-12-06 03:17 . 2011-12-06 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 03:17 . 2011-11-10 03:16 778752 ----a-w- c:\windows\system32\aticfx32.dll
2011-12-06 03:12 . 2011-12-06 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 03:12 . 2011-12-06 03:12 404992 ----a-w- c:\windows\system32\atieclxx.exe
2011-12-06 03:11 . 2011-12-06 03:11 163328 ----a-w- c:\windows\system32\atiesrxx.exe
2011-12-06 03:10 . 2011-12-06 03:10 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-12-06 03:10 . 2011-12-06 03:10 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-12-06 03:10 . 2011-12-06 03:10 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-12-06 03:09 . 2011-12-06 03:09 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-12-06 03:09 . 2011-12-06 03:09 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-12-06 03:06 . 2011-11-10 03:06 6159872 ----a-w- c:\windows\system32\atidxx32.dll
2011-12-06 02:56 . 2011-12-06 02:56 19125760 ----a-w- c:\windows\system32\atioglxx.dll
2011-12-06 02:39 . 2011-12-06 02:39 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-12-06 02:34 . 2011-12-06 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-12-06 02:34 . 2011-12-06 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-12-06 02:33 . 2011-11-10 02:33 5919232 ----a-w- c:\windows\system32\atiumdag.dll
2011-12-06 02:29 . 2011-12-06 02:29 11484672 ----a-w- c:\windows\system32\aticaldd.dll
2011-12-06 02:28 . 2011-11-10 02:29 4206592 ----a-w- c:\windows\system32\atiumdva.dll
2011-12-06 02:18 . 2011-11-10 02:18 51200 ----a-w- c:\windows\system32\coinst.dll
2011-12-06 02:12 . 2011-12-06 02:12 356352 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 33280 ----a-w- c:\windows\system32\atigktxx.dll
2011-12-06 02:11 . 2011-12-06 02:11 264192 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-12-06 02:11 . 2011-11-10 02:11 33280 ----a-w- c:\windows\system32\atiuxpag.dll
2011-12-06 02:11 . 2011-11-10 02:11 29696 ----a-w- c:\windows\system32\atiu9pag.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\system32\amdocl.dll
2012-01-31 20:25 . 2012-01-07 16:20 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-11 450667]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"G Data AntiVirus Tray Application"="c:\program files\G Data\AntiVirus\AVKTray\AVKTray.exe" [2011-05-11 923144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire]
2012-02-14 13:34 2717696 ----a-w- c:\program files\EslWire\wire.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-02-28 16:38 1987976 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon32.sys [2012-03-01 29400]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-11-07 49016]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2012-03-01 40440]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2012-03-01 79992]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2012-03-01 54648]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2012-03-01 30256]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2012-03-01 41336]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-12-06 163328]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 291840]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-10-28 1506824]
S2 AVKService;G Data Scheduler;c:\program files\G Data\AntiVirus\AVK\AVKService.exe [2011-04-01 409608]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [2012-01-24 836496]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-12-06 9067008]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-12-06 264192]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [2011-08-03 24504]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
.
.
.
------- Zusätzlicher Suchlauf -------
.
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\duN\AppData\Roaming\Mozilla\Firefox\Profiles\9orqflen.default\
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-02 14:54:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-03-02 13:54
.
Vor Suchlauf: 10 Verzeichnis(se), 68.924.407.808 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 68.924.837.888 Bytes frei
.
- - End Of File - - F9CC180AFC8E5527BBA55C050FA9C0E6
02.03.2012, 14:56
Baum-Darstellung