Hijackthis und Malwarebytes log

Champloo · 04.08.2009, 22:54

2. Teil

======List of files/folders created in the last 1 months======

2009-08-04 23:43:30 ----D---- C:\rsit
2009-08-04 23:40:21 ----SD---- C:\ComboFix
2009-08-04 23:40:20 ----A---- C:\Windows\system32\swsc.exe
2009-08-04 23:40:20 ----A---- C:\Windows\system32\CF11863.exe
2009-08-04 21:29:03 ----D---- C:\Windows\temp
2009-08-04 21:29:02 ----A---- C:\ComboFix.txt
2009-08-04 21:28:17 ----SHD---- C:\$RECYCLE.BIN
2009-08-04 19:38:10 ----D---- C:\Program Files\Panda Security
2009-08-03 01:00:20 ----D---- C:\Users\Solced\AppData\Roaming\vlc
2009-08-03 00:59:36 ----D---- C:\Program Files\VideoLAN
2009-08-02 20:39:23 ----D---- C:\Program Files\Robster Productions
2009-08-02 20:30:18 ----D---- C:\mydecal
2009-07-30 01:42:15 ----D---- C:\Users\Solced\AppData\Roaming\JonDo
2009-07-30 01:39:55 ----D---- C:\Program Files\JAP
2009-07-29 11:28:56 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 11:28:55 ----A---- C:\Windows\system32\occache.dll
2009-07-29 11:28:54 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 11:28:52 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 11:28:52 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 11:28:51 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 11:28:51 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 11:28:51 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 11:28:50 ----A---- C:\Windows\system32\mstime.dll
2009-07-29 11:28:50 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 11:28:50 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 11:28:50 ----A---- C:\Windows\system32\ieencode.dll
2009-07-29 11:28:50 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-23 19:03:06 ----A---- C:\Windows\zip.exe
2009-07-23 19:03:06 ----A---- C:\Windows\SWXCACLS.exe
2009-07-23 19:03:06 ----A---- C:\Windows\SWSC.exe
2009-07-23 19:03:06 ----A---- C:\Windows\SWREG.exe
2009-07-23 19:03:06 ----A---- C:\Windows\sed.exe
2009-07-23 19:03:06 ----A---- C:\Windows\PEV.exe
2009-07-23 19:03:06 ----A---- C:\Windows\NIRCMD.exe
2009-07-23 19:03:06 ----A---- C:\Windows\grep.exe
2009-07-23 19:02:01 ----D---- C:\Windows\ERDNT
2009-07-23 19:01:47 ----D---- C:\Qoobox
2009-07-21 22:55:16 ----D---- C:\Program Files\The KMPlayer
2009-07-21 22:43:26 ----A---- C:\Windows\system32\javaws.exe
2009-07-21 22:43:26 ----A---- C:\Windows\system32\javaw.exe
2009-07-21 22:43:26 ----A---- C:\Windows\system32\java.exe
2009-07-21 22:43:26 ----A---- C:\Windows\system32\deploytk.dll
2009-07-21 22:43:14 ----D---- C:\Program Files\Java
2009-07-21 22:39:10 ----D---- C:\Program Files\FoxitReader30_enu
2009-07-21 22:27:06 ----A---- C:\Windows\system32\t2embed.dll
2009-07-21 22:27:06 ----A---- C:\Windows\system32\fontsub.dll
2009-07-21 22:27:06 ----A---- C:\Windows\system32\dciman32.dll
2009-07-21 22:27:06 ----A---- C:\Windows\system32\atmfd.dll
2009-07-21 20:05:42 ----D---- C:\Users\Solced\AppData\Roaming\Malwarebytes
2009-07-21 20:05:35 ----D---- C:\ProgramData\Malwarebytes
2009-07-21 20:05:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-21 16:49:08 ----A---- C:\Windows\wininit.ini
2009-07-21 15:16:34 ----D---- C:\Program Files\Common Files\iS3
2009-07-11 19:01:13 ----A---- C:\Windows\system32\lsasrv.dll
2009-07-11 19:01:13 ----A---- C:\Windows\system32\kernel32.dll
2009-07-11 19:01:12 ----A---- C:\Windows\system32\secur32.dll
2009-07-11 19:01:12 ----A---- C:\Windows\system32\apilogen.dll
2009-07-11 19:01:12 ----A---- C:\Windows\system32\amxread.dll
2009-07-11 19:00:50 ----A---- C:\Windows\system32\localspl.dll
2009-07-11 19:00:44 ----A---- C:\Windows\system32\rpcss.dll
2009-07-11 19:00:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-11 19:00:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-11 19:00:42 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-11 19:00:41 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-11 19:00:41 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-11 19:00:41 ----A---- C:\Windows\system32\iasrecst.dll
2009-07-11 19:00:41 ----A---- C:\Windows\system32\iashost.exe
2009-07-11 19:00:41 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-11 19:00:41 ----A---- C:\Windows\system32\iasads.dll
2009-07-11 19:00:29 ----A---- C:\Windows\system32\psisdecd.dll
2009-07-11 19:00:29 ----A---- C:\Windows\system32\EncDec.dll
2009-07-11 18:59:51 ----A---- C:\Windows\system32\winhttp.dll
2009-07-11 18:59:47 ----A---- C:\Windows\system32\msdtcprx.dll
2009-07-11 18:59:46 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-11 18:56:58 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-11 16:16:00 ----D---- C:\ProgramData\TrackMania

======List of files/folders modified in the last 1 months======

2009-08-04 23:41:07 ----D---- C:\Windows\system32\drivers
2009-08-04 23:40:21 ----D---- C:\Windows\System32
2009-08-04 23:40:20 ----D---- C:\Windows\system32\de-DE
2009-08-04 23:40:20 ----A---- C:\Windows\ntbtlog.txt
2009-08-04 23:32:39 ----D---- C:\Windows\registration
2009-08-04 21:29:03 ----D---- C:\Windows
2009-08-04 21:27:01 ----A---- C:\Windows\system.ini
2009-08-04 21:24:38 ----D---- C:\Windows\AppPatch
2009-08-04 21:24:37 ----D---- C:\Program Files\Common Files
2009-08-04 19:38:10 ----RD---- C:\Program Files
2009-08-04 18:10:20 ----D---- C:\Windows\system32\catroot2
2009-08-04 18:06:42 ----D---- C:\Program Files\Mozilla Firefox
2009-08-04 11:29:49 ----D---- C:\Windows\Prefetch
2009-08-04 01:55:51 ----D---- C:\Users\Solced\AppData\Roaming\dvdcss
2009-08-02 20:22:04 ----D---- C:\Windows\system32\Tasks
2009-08-02 14:37:59 ----AD---- C:\ProgramData\TEMP
2009-08-02 13:34:22 ----D---- C:\Program Files\SystemRequirementsLab
2009-07-30 03:01:35 ----D---- C:\Program Files\Internet Explorer
2009-07-30 03:00:47 ----D---- C:\Windows\winsxs
2009-07-29 20:08:28 ----D---- C:\TEMP
2009-07-29 11:26:47 ----D---- C:\Windows\system32\catroot
2009-07-23 21:16:25 ----SD---- C:\Users\Solced\AppData\Roaming\Microsoft
2009-07-23 20:55:40 ----HD---- C:\ProgramData
2009-07-23 19:22:53 ----SHD---- C:\Boot
2009-07-23 19:22:53 ----D---- C:\Windows\system32\config
2009-07-23 19:22:01 ----SHD---- C:\Windows\Installer
2009-07-22 23:20:30 ----A---- C:\Windows\NeroDigital.ini
2009-07-21 23:26:08 ----D---- C:\Windows\Microsoft.NET
2009-07-21 23:22:25 ----D---- C:\Windows\ehome
2009-07-21 23:22:24 ----D---- C:\Program Files\Windows Mail
2009-07-21 23:22:23 ----D---- C:\Windows\system32\wbem
2009-07-21 23:22:22 ----D---- C:\Windows\system32\manifeststore
2009-07-21 23:22:19 ----HD---- C:\Config.Msi
2009-07-21 22:58:49 ----D---- C:\Windows\Debug
2009-07-21 22:53:33 ----SD---- C:\Windows\Downloaded Program Files
2009-07-21 22:53:32 ----D---- C:\Windows\system32\Macromed
2009-07-21 22:32:14 ----D---- C:\ProgramData\Skype
2009-07-21 22:28:45 ----D---- C:\Program Files\Common Files\Adobe
2009-07-21 22:28:44 ----D---- C:\ProgramData\Adobe
2009-07-21 20:50:02 ----D---- C:\Program Files\Mozilla Sunbird
2009-07-20 21:04:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-20 21:04:40 ----D---- C:\Windows\inf
2009-07-11 11:01:18 ----D---- C:\Windows\Minidump
2009-07-07 08:10:58 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-05-23 79424]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2008-05-23 21248]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-01-20 278728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-01-20 25416]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 avgntflt;avgntflt; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-23 49472]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-12 1787816]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-13 7610592]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-03 199600]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2006-12-03 39056]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
S3 athr;Atheros Extensible Drahtlos-LAN-Gerätetreiber; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-18 19456]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 catchme;catchme; \??\C:\Users\Solced\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-07 101504]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-18 49664]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver; C:\Windows\System32\Drivers\tascusb2.sys [2007-12-18 360448]
S3 TASCAM_US144_MIDI;TASCAM US-144 WDM MIDI Device; C:\Windows\system32\drivers\tscusb2m.sys [2007-12-18 18944]
S3 TASCAM_US144_WDM;TASCAM US-144 WDM; C:\Windows\system32\drivers\tscusb2a.sys [2007-12-18 33792]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
S3 Tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [2008-05-23 147201]
R2 AppHostSvc;Anwendungshost-Hilfsdienst; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-01 196608]
R2 SecureDZoneService;SecureDZone Helper Service; C:\Program Files\ArchiCrypt\Shredder 4\SecureDZoneService.exe [2008-04-08 531968]
R2 WAS;Windows-Prozessaktivierungsdienst; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe []
S3 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
S3 NetMsmqActivator;Net.Msmq-Listeneradapter; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-01-05 122880]
S3 NetPipeActivator;Net.Pipe-Listeneradapter; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-01-05 122880]
S3 NetTcpActivator;Net.Tcp-Listeneradapter; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-01-05 122880]
S3 NtmsSvc;Wechselmedien; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-03 316664]
S3 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-04-27 114688]
S3 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
S3 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
S4 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [2008-05-23 68865]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-03-13 24576]

-----------------EOF-----------------

Hijackthis und Malwarebytes log

Log-Analyse und Auswertung: Hijackthis und Malwarebytes log

Hijackthis und Malwarebytes log

Ähnliche Themen: Hijackthis und Malwarebytes log