Hi.
Puh.. Irgendwas ist komisch gelaufen... Defogger findet sich nicht mehr und COmbofix ist anstatt sich zu deinstallieren nochmal durchgelaufen.. Sorry. Irgendwas hab ich falsch gemacht. Ich poste mal den Combofix Log.
Boah. Vielleicht mach ich auch ne Windows-Neuinstallation..........:-(
Ich geh jetzt mal nen Steak essen.

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 15-05-13.01 - shaka 20/05/2015  14:42:56.2.2 - x86
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.54.3082.18.3495.2358 [GMT -3:00]
Running from: c:\users\shaka\Desktop\ComboFix.exe
Command switches used :: / Uninstall
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
.
.
(((((((((((((((((((((((((   Files Created from 2015-04-20 to 2015-05-20  )))))))))))))))))))))))))))))))
.
.
2015-05-20 17:50 . 2015-05-20 17:50	--------	d-----w-	c:\users\shaka\AppData\Local\temp
2015-05-20 17:50 . 2015-05-20 17:50	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-05-20 16:33 . 2015-05-20 16:33	--------	d-s---w-	c:\windows\system32\CompatTel
2015-05-20 16:33 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\appraiser
2015-05-20 16:31 . 2012-08-23 14:44	14848	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2015-05-20 16:31 . 2012-08-23 13:52	12800	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2015-05-20 16:31 . 2012-08-23 14:48	221184	----a-w-	c:\windows\system32\rdpudd.dll
2015-05-20 16:31 . 2012-08-23 11:12	192000	----a-w-	c:\windows\system32\rdpendp_winip.dll
2015-05-20 16:31 . 2012-08-23 10:08	2739712	----a-w-	c:\windows\system32\rdpcorets.dll
2015-05-20 16:27 . 2013-10-01 23:45	32256	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2015-05-20 16:27 . 2013-10-02 00:42	49152	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2015-05-20 16:27 . 2013-10-02 00:32	12800	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-05-20 16:27 . 2013-10-02 00:30	14336	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-05-20 16:27 . 2013-10-02 00:14	50176	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2015-05-20 16:27 . 2013-10-02 00:14	17920	----a-w-	c:\windows\system32\wksprtPS.dll
2015-05-20 16:27 . 2013-10-01 23:58	53248	----a-w-	c:\windows\system32\tsgqec.dll
2015-05-20 16:27 . 2013-10-01 23:08	855552	----a-w-	c:\windows\system32\rdvidcrl.dll
2015-05-20 16:27 . 2013-10-01 23:00	76288	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-05-20 16:27 . 2013-10-01 22:53	350208	----a-w-	c:\windows\system32\wksprt.exe
2015-05-20 16:27 . 2013-10-01 22:34	1068544	----a-w-	c:\windows\system32\mstsc.exe
2015-05-20 16:27 . 2013-10-01 20:55	5698048	----a-w-	c:\windows\system32\mstscax.dll
2015-05-20 16:18 . 2015-04-11 03:07	54656	----a-w-	c:\windows\system32\drivers\stream.sys
2015-05-20 16:18 . 2012-02-11 05:37	317440	----a-w-	c:\windows\system32\spoolsv.exe
2015-05-20 16:16 . 2014-11-08 02:45	2048	----a-w-	c:\windows\system32\tzres.dll
2015-05-20 16:16 . 2013-05-10 03:20	24576	----a-w-	c:\windows\system32\cryptdlg.dll
2015-05-20 16:16 . 2014-02-04 02:07	149440	----a-w-	c:\windows\system32\drivers\storport.sys
2015-05-20 16:16 . 2014-02-04 02:07	234432	----a-w-	c:\windows\system32\drivers\msiscsi.sys
2015-05-20 16:16 . 2014-02-04 02:07	27072	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2015-05-20 16:16 . 2014-02-04 02:00	2048	----a-w-	c:\windows\system32\iologmsg.dll
2015-05-20 16:16 . 2012-10-03 16:42	18944	----a-w-	c:\windows\system32\netevent.dll
2015-05-20 16:16 . 2012-10-03 16:42	175104	----a-w-	c:\windows\system32\netcorehc.dll
2015-05-20 16:16 . 2012-10-03 16:40	499712	----a-w-	c:\windows\system32\iphlpsvc.dll
2015-05-20 16:16 . 2012-10-03 15:21	35328	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2015-05-20 16:16 . 2011-02-25 05:30	2616320	----a-w-	c:\windows\explorer.exe
2015-05-19 17:02 . 2015-05-19 17:02	144	----a-w-	c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-19 16:54 . 2015-05-19 16:54	--------	d-sh--w-	c:\users\shaka\IntelGraphicsProfiles
2015-05-19 16:54 . 2015-05-19 16:54	451	----a-w-	c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-19 16:43 . 2015-05-19 16:43	--------	d-----w-	c:\windows\it-IT
2015-05-19 16:43 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\drivers\it-IT
2015-05-19 16:43 . 2015-05-19 16:43	--------	d-----w-	c:\windows\system32\drivers\UMDF\it-IT
2015-05-19 16:43 . 2015-05-19 16:43	--------	d-----w-	c:\windows\system32\0410
2015-05-19 16:43 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\wbem\it-IT
2015-05-19 16:43 . 2015-05-19 16:43	--------	d-----w-	c:\windows\system32\it
2015-05-19 16:42 . 2015-05-19 16:42	--------	d-----w-	c:\windows\fr-FR
2015-05-19 16:42 . 2015-05-19 16:42	--------	d-----w-	c:\windows\system32\040C
2015-05-19 16:42 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\drivers\fr-FR
2015-05-19 16:42 . 2015-05-19 16:42	--------	d-----w-	c:\windows\system32\fr
2015-05-19 16:42 . 2015-05-19 16:42	--------	d-----w-	c:\windows\system32\drivers\UMDF\fr-FR
2015-05-19 16:41 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\wbem\fr-FR
2015-05-19 16:41 . 2015-05-19 16:41	--------	d-----w-	c:\windows\pt-PT
2015-05-19 16:41 . 2015-05-20 16:32	--------	d-----w-	c:\windows\system32\drivers\pt-PT
2015-05-19 16:41 . 2015-05-19 16:41	--------	d-----w-	c:\windows\system32\drivers\UMDF\pt-PT
2015-05-19 16:40 . 2015-05-19 16:40	--------	d-----w-	c:\windows\system32\wbem\pt-PT
2015-05-19 16:40 . 2015-05-19 16:40	--------	d-----w-	c:\windows\pt-BR
2015-05-19 16:40 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\drivers\pt-BR
2015-05-19 16:40 . 2015-05-19 16:40	--------	d-----w-	c:\windows\system32\drivers\UMDF\pt-BR
2015-05-19 16:40 . 2015-05-19 16:40	--------	d-----w-	c:\windows\system32\wbem\pt-BR
2015-05-19 16:39 . 2015-05-19 16:39	--------	d-----w-	c:\windows\en-US
2015-05-19 16:39 . 2015-05-19 16:39	--------	d-----w-	c:\windows\system32\en
2015-05-19 16:39 . 2015-05-19 16:39	--------	d-----w-	c:\windows\system32\0409
2015-05-19 16:39 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\drivers\en-US
2015-05-19 16:39 . 2015-05-19 16:39	--------	d-----w-	c:\windows\system32\drivers\UMDF\en-US
2015-05-19 16:38 . 2015-05-19 16:38	--------	d-----w-	c:\windows\de-DE
2015-05-19 16:38 . 2015-05-19 16:38	--------	d-----w-	c:\windows\system32\0407
2015-05-19 16:38 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\drivers\de-DE
2015-05-19 16:38 . 2015-05-19 16:38	--------	d-----w-	c:\windows\system32\drivers\UMDF\de-DE
2015-05-19 16:37 . 2015-05-19 16:37	--------	d-----w-	c:\windows\system32\de
2015-05-19 16:37 . 2015-05-20 16:33	--------	d-----w-	c:\windows\system32\wbem\de-DE
2015-05-19 16:07 . 2009-07-13 21:44	3584	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\it-IT\LXKPTPRC.DLL.mui
2015-05-19 15:54 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2015-05-19 15:36 . 2009-07-13 21:38	3584	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\fr-FR\LXKPTPRC.DLL.mui
2015-05-19 15:28 . 2009-07-13 21:38	4096	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\pt-PT\LXKPTPRC.DLL.mui
2015-05-19 15:23 . 2012-07-26 02:33	66560	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2015-05-19 15:23 . 2012-07-26 02:32	155136	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2015-05-19 15:23 . 2012-07-26 03:21	196608	----a-w-	c:\windows\system32\WUDFHost.exe
2015-05-19 15:23 . 2012-07-26 03:20	73216	----a-w-	c:\windows\system32\WUDFSvc.dll
2015-05-19 15:23 . 2012-07-26 03:20	613888	----a-w-	c:\windows\system32\WUDFx.dll
2015-05-19 15:23 . 2012-07-26 03:20	38912	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2015-05-19 15:23 . 2012-07-26 03:20	172032	----a-w-	c:\windows\system32\WUDFPlatform.dll
2015-05-19 15:13 . 2009-07-13 21:48	3584	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\pt-BR\LXKPTPRC.DLL.mui
2015-05-19 15:09 . 2009-07-13 21:03	3584	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\en-US\LXKPTPRC.DLL.mui
2015-05-19 15:04 . 2009-07-13 21:45	3584	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\de-DE\LXKPTPRC.DLL.mui
2015-05-19 15:02 . 2015-05-19 15:02	--------	d-----w-	c:\windows\Migration
2015-05-19 14:01 . 2015-05-18 07:57	9265072	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8ED33EB1-BF1B-40BC-8E31-1552EBD97264}\mpengine.dll
2015-05-19 14:01 . 2015-02-24 07:23	246920	------w-	c:\windows\system32\MpSigStub.exe
2015-05-19 13:54 . 2015-05-19 13:54	--------	d-----w-	c:\program files\ESET
2015-05-19 13:23 . 2015-03-23 03:06	576000	----a-w-	c:\windows\system32\generaltel.dll
2015-05-19 13:23 . 2015-03-23 03:06	630784	----a-w-	c:\windows\system32\invagent.dll
2015-05-19 13:23 . 2015-03-23 03:06	26112	----a-w-	c:\windows\system32\acmigration.dll
2015-05-19 13:23 . 2015-03-23 03:06	159744	----a-w-	c:\windows\system32\aepic.dll
2015-05-19 13:23 . 2015-03-23 02:59	896000	----a-w-	c:\windows\system32\aeinv.dll
2015-05-19 13:23 . 2015-01-27 23:36	1167520	----a-w-	c:\windows\system32\aitstatic.exe
2015-05-19 13:23 . 2015-03-23 03:06	202752	----a-w-	c:\windows\system32\aepdu.dll
2015-05-19 13:15 . 2013-10-04 01:58	152576	----a-w-	c:\windows\system32\SmartcardCredentialProvider.dll
2015-05-19 13:15 . 2013-10-04 01:56	168960	----a-w-	c:\windows\system32\credui.dll
2015-05-19 13:14 . 2011-02-18 05:39	31232	----a-w-	c:\windows\system32\prevhost.exe
2015-05-19 13:14 . 2015-03-04 04:11	5120	----a-w-	c:\windows\system32\shimeng.dll
2015-05-19 13:14 . 2015-03-04 04:10	295936	----a-w-	c:\windows\system32\apphelp.dll
2015-05-19 13:14 . 2015-03-04 04:10	62464	----a-w-	c:\windows\system32\aelupsvc.dll
2015-05-19 13:14 . 2015-03-04 04:10	20992	----a-w-	c:\windows\system32\sdbinst.exe
2015-05-19 13:14 . 2015-01-09 02:48	27136	----a-w-	c:\windows\system32\powertracker.dll
2015-05-19 13:14 . 2015-01-09 02:48	76800	----a-w-	c:\windows\system32\wdi.dll
2015-05-19 13:14 . 2015-01-09 02:48	635904	----a-w-	c:\windows\system32\perftrack.dll
2015-05-19 13:14 . 2014-11-11 01:32	74752	----a-w-	c:\windows\system32\drivers\tdx.sys
2015-05-19 13:14 . 2012-08-22 17:16	712048	----a-w-	c:\windows\system32\drivers\ndis.sys
2015-05-19 13:14 . 2012-07-04 19:45	33280	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2015-05-19 13:14 . 2011-12-30 05:27	478720	----a-w-	c:\windows\system32\timedate.cpl
2015-05-19 13:13 . 2015-01-29 03:02	844288	----a-w-	c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-05-19 13:13 . 2015-01-29 03:02	2311168	----a-w-	c:\windows\system32\wpdshext.dll
2015-05-19 13:13 . 2013-10-30 02:19	301568	----a-w-	c:\windows\system32\msieftp.dll
2015-05-19 13:13 . 2013-01-24 04:47	196328	----a-w-	c:\windows\system32\drivers\fvevol.sys
2015-05-19 13:12 . 2011-05-04 04:34	1549312	----a-w-	c:\windows\system32\tquery.dll
2015-05-19 13:12 . 2011-05-04 04:32	666624	----a-w-	c:\windows\system32\mssvp.dll
2015-05-19 13:12 . 2011-05-04 04:32	337408	----a-w-	c:\windows\system32\mssph.dll
2015-05-19 13:12 . 2011-05-04 04:32	197120	----a-w-	c:\windows\system32\mssphtb.dll
2015-05-19 13:12 . 2011-05-04 04:32	1401344	----a-w-	c:\windows\system32\mssrch.dll
2015-05-19 13:12 . 2011-05-04 04:32	59392	----a-w-	c:\windows\system32\msscntrs.dll
2015-05-19 13:12 . 2011-05-04 04:28	86528	----a-w-	c:\windows\system32\SearchFilterHost.exe
2015-05-19 13:12 . 2011-05-04 04:28	427520	----a-w-	c:\windows\system32\SearchIndexer.exe
2015-05-19 13:12 . 2011-05-04 04:28	164352	----a-w-	c:\windows\system32\SearchProtocolHost.exe
2015-05-19 13:11 . 2014-10-14 01:50	2363904	----a-w-	c:\windows\system32\msi.dll
2015-05-19 13:11 . 2014-10-30 01:45	155136	----a-w-	c:\windows\system32\charmap.exe
2015-05-19 13:10 . 2014-01-28 02:07	185344	----a-w-	c:\windows\system32\wwansvc.dll
2015-05-19 13:10 . 2013-03-19 03:33	40960	----a-w-	c:\windows\system32\wwanprotdim.dll
2015-05-19 13:10 . 2012-10-09 17:40	44032	----a-w-	c:\windows\system32\dhcpcsvc6.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 16:05 . 2015-04-15 16:05	206816	----a-w-	c:\windows\system32\drivers\avgldx86.sys
2015-04-09 17:12 . 2015-04-09 17:12	226784	----a-w-	c:\windows\system32\drivers\avgidsdriverx.sys
2015-04-07 15:45 . 2015-04-07 15:45	213984	----a-w-	c:\windows\system32\drivers\avgtdix.sys
2015-04-03 12:37 . 2015-04-03 12:37	110048	----a-w-	c:\windows\system32\drivers\avgmfx86.sys
2015-03-20 15:18 . 2015-03-20 15:18	35808	----a-w-	c:\windows\system32\drivers\avgrkx86.sys
2015-03-11 15:13 . 2015-03-11 15:13	269792	----a-w-	c:\windows\system32\drivers\avglogx.sys
2015-03-11 15:13 . 2015-03-11 15:13	166880	----a-w-	c:\windows\system32\drivers\avgidshx.sys
2015-03-11 15:13 . 2015-03-11 15:13	132576	----a-w-	c:\windows\system32\drivers\avgdiskx.sys
2015-03-11 15:08 . 2015-03-11 15:08	29664	----a-w-	c:\windows\system32\drivers\avgidsshimx.sys
2015-03-04 04:10 . 2015-05-19 13:14	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-19 13:14	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-19 13:14	2560	----a-w-	c:\windows\apppatch\AcRes.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-04-15 3745232]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-04-15 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^shaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_DECRYPT.HTML]
path=c:\users\shaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML
backup=c:\windows\pss\HELP_DECRYPT.HTML.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^shaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_DECRYPT.PNG]
path=c:\users\shaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG
backup=c:\windows\pss\HELP_DECRYPT.PNG.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^shaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_DECRYPT.TXT]
path=c:\users\shaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT
backup=c:\windows\pss\HELP_DECRYPT.TXT.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^shaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_DECRYPT.URL]
path=c:\users\shaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL
backup=c:\windows\pss\HELP_DECRYPT.URL.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 17:54	91520	----a-w-	c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-10-28 15:18	49208	----a-w-	c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 13:54	150016	----a-w-	c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
2011-11-29 23:04	284440	----a-w-	c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
2011-12-05 10:12	11487848	------w-	c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2015-04-17 17:49	31282304	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirSchedulerService;Avira Programador;c:\program files\Avira\Antivirus\sched.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\Antivirus\avwebg7.exe [x]
R2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2015-04-14 1080120]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-04-21 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R4 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R4 KMService;KMService;c:\windows\system32\srvany.exe [2013-04-13 8192]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2015-03-11 166880]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2015-03-11 269792]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-04-09 226784]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-03-11 29664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2015-04-15 206816]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2015-04-07 213984]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2015-03-27 37352]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2015-04-15 3438032]
S2 avgwd;WatchDog de AVG;c:\program files\AVG\AVG2015\avgwdsvc.exe [2015-04-15 311792]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2015-03-27 37896]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe [2014-10-01 281488]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 458464]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-15 162648]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-15 362840]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2011-11-09 46080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08
utcsvc	REG_MULTI_SZ   	DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-27 17:13]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-27 17:13]
.
.
------- Supplementary Scan -------
.
IE: &Enviar a OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 200.49.130.47 200.42.4.210
FF - ProfilePath - c:\users\shaka\AppData\Roaming\Mozilla\Firefox\Profiles\3UZSzQhi.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.ar/
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-05-20  14:52:11
ComboFix-quarantined-files.txt  2015-05-20 17:52
ComboFix2.txt  2015-05-14 21:17
.
Pre-Run: 452.136.370.176 bytes libres
Post-Run: 452.205.355.008 bytes libres
.
- - End Of File - - 094F3437707AE90BCE6187B2E0207E95
A36C5E4F47E84449FF07ED3517B43A31
         

Als ich IPConfig aus Dos gestartet hab gings. Habe ein Teredo Tunneling Pseudo Interface als zusaetzlichen Adapter dabei. Anscheinend ist das aber ok.

Ja das passt.

Windows Taste + R, schreibe:

"%userprofile%\desktop\Combofix.exe" /Uninstall

yeaahh.
Allet wech so wie's aussieht. Gerade nochmal MWB und Eset durchlaufen lassen.
Clean Maschine. Gracias!!
C

Gern Geschehen

Moin Schrauber.
Habe ein Problem mit der Dropbox, bzw mit den Dateien darin. Jetzt kann ich naemlich keine datei mehr oeffnen, obwohl das vor ein paar Tagen noch ging (mittlerweile sind alle verschluesselt!!!). Habe gerade nen Blog gelesen, wo das selbe Problem besteht. Alle dateien und auch die Fotos sind jetzt verschluesselt, nachdem ich kurz in Dropbox war (aber nur online). Gibts schon etwas zum entschluesseln???
Gruss
C

Kommt drauf an mit was die verschlüsselt sind. Welche Dateiendung haben die Files?

Hi.
Die Endungen sind die gleichen wie vorher. Sind nicht veraendert worden, aber beim Oeffnen mit Exel/Word oder Bildprogramm sind die Dateinen Verschluesselt. Bisher nur die Dateien aus dem Dropboxordner.

Dann kannst Du nur die Standard-Tools zum Entschlüsseln benutzen, findest Du hier am Forum.