Pests of all kinds and how to combat them: hotfix.exe and dgfdgsdf.bat - search queries redirected (Windows 7)
#1 /// Winkelfunktion /// TB-Süch-Tiger™

Then please run CF now: ComboFix, a guide and tutorial on using ComboFix

ComboFix may only be run when a qualified helper has explicitly recommended it!

__________________
Please always post log files in CODE tags
#2

So, attached is the CF log file.
Code:

```
ComboFix 10-12-16.04 - xxxxxx 17.12.2010 12:26:55.1.2 - x86
Microsoft Windows 7 Enterprise 6.1.7600.0.1252.49.1031.18.1791.1226 [GMT 1:00]
ausgeführt von:: c:\users\xxxxxx\Desktop\cofi.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((( Dateien erstellt von 2010-11-17 bis 2010-12-17 ))))))))))))))))))))))))))))))
.
2010-12-17 11:31 . 2010-12-17 11:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-17 11:14 . 2010-12-17 11:14 -------- d-----w- c:\program files\CCleaner
2010-12-16 20:34 . 2010-12-16 20:34 -------- d-----w- C:\_OTL
2010-12-15 15:34 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-15 15:34 . 2010-12-15 15:34 -------- d-----w- c:\program files\Anti-Malware
2010-12-15 15:34 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-14 13:55 . 2010-12-14 13:55 -------- d-----w- c:\programdata\Malwarebytes
2010-12-14 12:17 . 2010-12-14 12:22 97859 ----a-w- c:\windows\system32\drivers\klick.dat
2010-12-14 12:17 . 2010-12-14 12:22 114243 ----a-w- c:\windows\system32\drivers\klin.dat
2010-12-14 12:16 . 2010-12-14 12:17 -------- d-----w- c:\program files\Kaspersky Internet Security
2010-12-14 12:16 . 2010-12-17 10:36 -------- d-----w- c:\programdata\Kaspersky Lab
2010-12-14 12:12 . 2010-12-14 12:12 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-12-13 14:41 . 2010-12-13 14:52 -------- d-----w- c:\program files\VueScan
2010-12-13 14:03 . 2003-09-17 16:35 339968 ----a-w- c:\windows\system32\N067UFW.DLL
2010-12-13 14:03 . 2002-09-12 00:07 36864 ----a-w- c:\windows\system32\CNQU70.DLL
2010-12-13 13:21 . 2002-05-24 02:04 389180 ----a-w- c:\windows\system32\UCS32P.DLL
2010-12-12 11:36 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30852E55-5E12-45EF-9CCA-13D855A88D97}\mpengine.dll
2010-12-09 12:01 . 2010-12-09 12:01 -------- d-----w- c:\programdata\Ableton
2010-12-09 12:00 . 2010-10-08 16:57 368640 ----a-w- c:\windows\system32\ReWire.dll
2010-12-09 12:00 . 2010-10-08 16:57 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-12-09 11:58 . 2010-12-09 11:58 -------- d-----w- c:\program files\Ableton
2010-12-09 11:31 . 2010-12-09 11:31 -------- d-----w- c:\windows\it-IT
2010-12-09 11:31 . 2010-12-09 11:31 -------- d-----w- c:\windows\system32\drivers\UMDF\it-IT
2010-12-09 11:31 . 2010-12-09 11:31 -------- d-----w- c:\windows\system32\drivers\it-IT
2010-12-09 11:31 . 2010-12-09 11:31 -------- d-----w- c:\windows\system32\0410
2010-12-09 11:31 . 2010-12-09 11:31 -------- d-----w- c:\windows\system32\wbem\it-IT
2010-12-09 11:31 . 2010-12-09 11:31 -------- d-----w- c:\windows\system32\it
2010-12-09 11:29 . 2009-07-13 17:44 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\it-IT\LXKPTPRC.DLL.mui
2010-12-09 11:27 . 2010-12-09 11:27 -------- d-----w- c:\windows\fr-FR
2010-12-09 11:27 . 2010-12-09 11:27 -------- d-----w- c:\windows\system32\fr
2010-12-09 11:27 . 2010-12-09 11:27 -------- d-----w- c:\windows\system32\drivers\UMDF\fr-FR
2010-12-09 11:27 . 2010-12-09 11:27 -------- d-----w- c:\windows\system32\drivers\fr-FR
2010-12-09 11:27 . 2010-12-09 11:27 -------- d-----w- c:\windows\system32\040C
2010-12-09 11:27 . 2010-12-09 11:27 -------- d-----w- c:\windows\system32\wbem\fr-FR
2010-12-09 11:24 . 2009-07-13 17:38 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\fr-FR\LXKPTPRC.DLL.mui
2010-12-09 11:23 . 2010-12-09 11:23 -------- d-----w- c:\windows\en-US
2010-12-09 11:23 . 2010-12-09 11:23 -------- d-----w- c:\windows\system32\en
2010-12-09 11:23 . 2010-12-09 11:23 -------- d-----w- c:\windows\system32\drivers\UMDF\en-US
2010-12-09 11:23 . 2010-12-09 11:23 -------- d-----w- c:\windows\system32\drivers\en-US
2010-12-09 11:23 . 2010-12-09 11:23 -------- d-----w- c:\windows\system32\0409
2010-12-09 11:23 . 2010-12-09 11:23 -------- d-----w- c:\windows\system32\wbem\en-US
2010-12-09 11:20 . 2009-07-13 17:03 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\en-US\LXKPTPRC.DLL.mui
2010-12-08 12:08 . 2010-12-08 12:47 -------- d-----w- c:\program files\Nvidia
2010-12-08 12:04 . 2010-12-08 12:04 -------- d-----w- c:\program files\SystemRequirementsLab
2010-12-08 10:04 . 2010-12-08 10:04 -------- d-----w- c:\program files\Kerio
2010-12-08 10:03 . 2010-12-08 10:03 -------- d-----w- c:\program files\My Company Name
2010-12-07 16:38 . 2010-12-08 12:48 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-12-07 16:37 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-12-07 16:37 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-12-07 16:37 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-12-07 16:37 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-12-07 16:37 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-12-07 16:37 . 2009-10-24 04:00 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-12-07 16:37 . 2009-10-24 03:58 41984 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-12-07 16:37 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-12-07 16:24 . 2010-12-16 13:10 -------- d-----w- c:\program files\TeamViewer
2010-12-07 16:22 . 2010-12-07 16:22 -------- d-----w- c:\program files\CDBurnerXP
2010-12-07 16:20 . 2010-05-12 13:42 57800 ----a-w- c:\windows\system32\drivers\CBDisk.sys
2010-12-07 16:20 . 2010-12-07 16:20 -------- d-----w- c:\program files\Common Files\Mediafour
2010-12-07 16:20 . 2010-12-07 16:20 -------- d-----w- c:\programdata\Mediafour
2010-12-07 16:20 . 2010-12-07 16:20 -------- d-----w- c:\program files\Mediafour
2010-12-07 16:20 . 2010-12-07 16:20 -------- d-----w- c:\programdata\Nike
2010-12-07 16:20 . 2010-12-07 16:20 -------- d-----w- c:\program files\Nike
2010-12-07 15:56 . 2010-12-07 15:56 -------- d-----w- c:\program files\Adobe Media Player
2010-12-07 15:54 . 2010-12-07 15:54 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-12-07 15:46 . 2010-12-07 15:46 -------- d-----w- c:\programdata\ALM
2010-12-07 15:45 . 2010-12-07 15:45 -------- d-----w- c:\program files\VLC
2010-12-07 15:41 . 2010-12-07 15:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-12-07 11:05 . 2010-12-07 11:05 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-12-07 11:05 . 2010-12-07 11:05 -------- d-----w- c:\windows\PCHEALTH
2010-12-07 11:05 . 2010-12-07 11:05 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-12-07 11:05 . 2010-12-07 11:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-12-07 11:04 . 2010-12-07 11:04 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-12-07 11:03 . 2010-12-07 11:03 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-12-07 11:03 . 2010-12-07 11:08 -------- d-----w- c:\programdata\Microsoft Help
2010-12-07 11:03 . 2010-12-07 11:03 -------- d-----r- C:\MSOCache
2010-12-07 10:45 . 2010-12-07 16:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-12-07 10:42 . 2010-12-07 15:57 -------- d-----w- c:\program files\Common Files\Adobe
2010-12-07 01:30 . 2010-12-07 01:30 -------- d-----w- c:\program files\3RVX
2010-12-07 01:24 . 2010-12-07 01:24 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-07 01:24 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-12-07 01:24 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-12-07 01:22 . 2010-12-07 01:22 -------- d-----w- c:\program files\Bonjour
2010-12-07 01:22 . 2010-12-07 17:27 -------- d-----w- c:\programdata\Apple
2010-12-07 01:22 . 2010-12-07 01:23 -------- d-----w- c:\program files\Common Files\Apple
2010-12-07 01:21 . 2010-12-07 01:21 -------- d-----w- c:\program files\VirtualCloneDrive
2010-12-07 01:15 . 2010-12-07 01:15 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-07 01:14 . 2010-12-07 01:15 -------- d-----w- c:\programdata\Logishrd
2010-12-07 01:14 . 2010-12-07 01:14 -------- d-----w- c:\program files\Logitech
2010-12-07 01:13 . 2010-12-07 01:15 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-12-07 00:49 . 2010-12-07 00:49 -------- d-----w- c:\windows\system32\Macromed
2010-12-07 00:02 . 2010-12-07 00:02 -------- d-----w- c:\program files\InstallShield Installation Information
2010-12-07 00:01 . 2010-12-07 00:01 -------- d-----w- c:\program files\Common Files\InstallShield
2010-12-07 00:00 . 2010-12-08 12:48 -------- d-----w- c:\program files\NVIDIA Corporation
2010-12-07 00:00 . 2010-12-08 12:48 -------- d-----w- c:\programdata\NVIDIA
2010-12-06 23:59 . 2009-07-14 03:54 151552 ----a-w- c:\windows\system32\nvcod157.dll
2010-12-06 23:59 . 2009-07-14 03:54 795104 ----a-w- c:\windows\system32\dpinst.exe
2010-12-06 23:58 . 2009-04-30 04:46 704512 ----a-r- c:\windows\system32\cohelper.dll
2010-12-06 23:58 . 2009-04-28 21:27 5940 ----a-r- c:\windows\system32\drivers\nvphy.bin
2010-12-06 23:58 . 2010-08-12 09:14 240232 ----a-w- c:\windows\system32\nvconrm.dll
2010-12-06 23:58 . 2009-04-30 04:46 898048 ----a-w- c:\windows\system32\fdco1.dll
2010-12-06 23:58 . 2009-04-28 16:45 457248 ----a-w- c:\windows\system32\nvunrm.exe
2010-12-06 23:44 . 2010-12-06 23:44 -------- d-----w- c:\program files\foobar
2010-12-06 23:13 . 2010-12-06 23:13 -------- d-----w- C:\Boot
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-25 14:13 . 2010-10-25 14:13 66968 ----a-w- c:\windows\system32\MFC71ITA.DLL
2010-10-25 14:13 . 2010-10-25 14:13 66968 ----a-w- c:\windows\system32\MFC71ESP.DLL
2010-10-25 14:13 . 2010-10-25 14:13 54680 ----a-w- c:\windows\system32\MFC71KOR.DLL
2010-10-25 14:13 . 2010-10-25 14:13 94608 ----a-w- c:\windows\system32\atl71.dll
2010-10-25 14:13 . 2010-10-25 14:13 66968 ----a-w- c:\windows\system32\MFC71FRA.DLL
2010-10-25 14:13 . 2010-10-25 14:13 62872 ----a-w- c:\windows\system32\MFC71ENU.DLL
2010-10-25 14:13 . 2010-10-25 14:13 50584 ----a-w- c:\windows\system32\MFC71CHT.DLL
2010-10-25 14:13 . 2010-10-25 14:13 353680 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-25 14:13 . 2010-10-25 14:13 22936 ----a-w- c:\windows\system32\AdobePDFUI.dll
2010-10-25 14:13 . 2010-10-25 14:13 1066384 ----a-w- c:\windows\system32\mfc71.dll
2010-10-25 14:13 . 2010-10-25 14:13 1053072 ----a-w- c:\windows\system32\mfc71u.dll
2010-10-25 14:13 . 2010-10-25 14:13 71064 ----a-w- c:\windows\system32\MFC71DEU.DLL
2010-10-25 14:13 . 2010-10-25 14:13 54680 ----a-w- c:\windows\system32\MFC71JPN.DLL
2010-10-25 14:13 . 2010-10-25 14:13 505232 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-25 14:13 . 2010-10-25 14:13 47512 ----a-w- c:\windows\system32\AdobePDF.dll
2010-10-25 14:13 . 2010-10-25 14:13 46488 ----a-w- c:\windows\system32\MFC71CHS.DLL
2010-10-19 09:41 . 2010-10-12 12:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-07 14:36 . 2010-10-07 14:36 234160 ----a-w- c:\windows\system32\drivers\MDFSYSNT.SYS
2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-10-05 19:27 . 2010-10-05 19:27 228024 ----a-w- c:\windows\system32\klogon.dll
2010-09-28 14:44 . 2010-09-28 14:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-28 14:44 . 2010-09-28 14:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"3RVX"="c:\program files\3RVX\3RVX.exe" [2008-10-13 159232]
"Adobe Acrobat Synchronizer"="c:\program files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2010-10-25 1216416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-12-04 1728512]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"VirtualCloneDrive"="c:\program files\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-17 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Nike+ Connect"="c:\program files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [2010-10-01 299008]
"MacDrive 8 application"="c:\program files\Mediafour\MacDrive 8\MacDrive.exe" [2010-10-08 167936]
"Getting started with MacDrive 8"="c:\program files\Mediafour\MacDrive 8\MDGetStarted.exe" [2010-10-08 130560]
"AVP"="c:\program files\Kaspersky Internet Security\avp.exe" [2010-11-02 365336]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Anti-Malware\mbam.exe" [2010-11-29 963976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 MDFSYSNT;MacDrive file system driver; [x]
S0 MDPMGRNT;MacDrive partition driver; [x]
S1 CBDisk;CBDisk;c:\windows\system32\drivers\CBDisk.sys [2010-05-12 57800]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 MacDrive8Service;MacDrive 8 service;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-08 131584]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\TeamViewer_Service.exe [2010-11-30 2222376]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-25 1108480]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\xxxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\jsza9e5k.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.spiegel.de/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Modul zur Link-Untersuchung: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Foxdie for Firefox: foxdie_ext_ocelot@foxdie.us - %profile%\extensions\foxdie_ext_ocelot@foxdie.us
FF - Ext: Foxdie: Foxdie@tanjihay.com - %profile%\extensions\Foxdie@tanjihay.com
FF - Ext: Password Exporter: {B17C1C5A-04B1-11DB-9804-B622A1EF5492} - %profile%\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
FF - Ext: feedly: feedly@devhd - %profile%\extensions\feedly@devhd
FF - Ext: Echofon: twitternotifier@naan.net - %profile%\extensions\twitternotifier@naan.net
FF - Ext: Linkification: {35106bca-6c78-48c7-ac28-56df30b51d2a} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
FF - Ext: Leo Search: {c666c018-6409-4479-afa3-68e4129e7eff} - %profile%\extensions\{c666c018-6409-4479-afa3-68e4129e7eff}
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

ShellIconOverlayIdentifiers-MacDrive volume icons - (no file)
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(3980)
c:\program files\Mediafour\MacDrive 8\MDVolumeIcons.dll
c:\program files\Mediafour\MacDrive 8\MACDRAPI.DLL
.
Zeit der Fertigstellung: 2010-12-17 12:33:20
ComboFix-quarantined-files.txt 2010-12-17 11:33

Vor Suchlauf: 7 Verzeichnis(se), 122.980.139.008 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 122.895.785.984 Bytes frei

- - End Of File - - 8129C32EFD855CAF8CC30B9036977D72
```