Combofix Logfile: Code:
ComboFix 11-04-26.05 - Stoni 27.04.2011 18:42:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2046.1182 [GMT 2:00]
ausgeführt von:: c:\users\Stoni\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\cleansweep.exe
c:\cleansweep.exe\cleansweep.exe
c:\cleansweep.exe\config.bin
C:\Install.exe
c:\users\Stoni\AppData\Roaming\Ilgece\ulwyy.exe
c:\users\Stoni\Pictures\desktop_2.ini
c:\windows\system32\midas.dll
.
Infizierte Kopie von c:\windows\system32\drivers\volsnap.sys wurde gefunden und desinfiziert
Kopie von - Kitty had a snack :p wurde wiederhergestellt
.
((((((((((((((((((((((( Dateien erstellt von 2011-03-27 bis 2011-04-27 ))))))))))))))))))))))))))))))
.
.
2011-04-27 17:00 . 2011-04-27 17:05 -------- d-----w- c:\users\Stoni\AppData\Local\temp
2011-04-27 17:00 . 2011-04-27 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-27 15:08 . 2011-04-27 15:08 -------- d-----w- C:\_OTL
2011-04-27 12:20 . 2011-04-27 12:20 -------- d-----w- c:\users\Stoni\AppData\Roaming\Malwarebytes
2011-04-27 12:20 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-27 12:20 . 2011-04-27 12:20 -------- d-----w- c:\programdata\Malwarebytes
2011-04-27 12:20 . 2011-04-27 12:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-27 10:24 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D0F74CC4-DAC1-479E-B1C4-DEFAE6E27066}\mpengine.dll
2011-04-25 12:13 . 2011-04-25 12:13 -------- d-----w- c:\users\Stoni\AppData\Roaming\Avira
2011-04-15 22:54 . 2011-04-15 22:54 -------- d-----w- c:\program files\iPod
2011-04-14 07:46 . 2011-02-18 14:03 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-14 07:46 . 2011-02-18 14:03 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-14 07:46 . 2011-02-18 14:03 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-14 07:46 . 2011-02-16 16:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-14 07:46 . 2011-02-16 14:02 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-04-14 07:46 . 2011-02-22 13:24 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-14 07:46 . 2011-02-22 13:24 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-14 07:46 . 2011-02-22 13:23 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-14 07:46 . 2011-02-22 13:23 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-05 14:11 . 2011-04-05 14:11 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-04-05 14:11 . 2011-04-05 14:11 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-04-05 14:11 . 2011-04-05 14:11 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-04-05 14:11 . 2011-04-05 14:11 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-04-05 14:11 . 2011-04-05 14:11 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-04-05 14:11 . 2011-04-05 14:11 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-04-05 14:11 . 2011-04-05 14:11 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-04-05 14:11 . 2011-04-05 14:11 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-30 09:26 . 2011-03-30 09:29 -------- d-----w- c:\users\Stoni\ElsterFormular
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 15:18 . 2010-11-23 14:27 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-02-22 14:13 . 2011-03-23 08:08 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 13:33 . 2011-03-23 08:08 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:33 . 2011-03-23 08:08 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-02-18 15:36 . 2011-02-18 15:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 20:40 . 2010-04-20 09:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 16:11 . 2009-10-03 16:02 222080 ------w- c:\windows\system32\MpSigStub.exe
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-04-05 14:11 . 2011-04-05 14:11 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2010-03-09 2355224]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-03-25 2355296]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-03-25 11:31 2355296 ----a-w- c:\program files\DVDVideoSoftTB\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2010-03-09 09:06 2355224 ----a-w- c:\program files\DVDVideoSoft\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2010-03-09 2355224]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-03-25 2355296]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2010-03-09 2355224]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-03-25 2355296]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files\Samsung\Kies\" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-06 26102056]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-01 4702208]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-09 1025320]
"UpdatePPShortCut"="c:\program files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"TVBroadcast"="c:\program files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe" [2007-08-07 797696]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-10-23 220160]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-09 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-09 8433664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-09 81920]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-24 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 102400]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
backup=c:\windows\pss\Audible Download Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 133104]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 PDNMp50;PDNMp50 NDIS Protocol Driver;c:\windows\system32\drivers\PDNMp50.sys [2006-11-28 28224]
R3 PDNSp50;PDNSp50 NDIS Protocol Driver;c:\windows\system32\drivers\PDNSp50.sys [2006-11-28 27072]
R3 PhilCap;NXP service;c:\windows\system32\DRIVERS\PhilCap.sys [2007-07-31 908896]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 gearsec;gearsec;c:\windows\system32\gearsec.exe [2003-12-02 53248]
S2 GnabService;GnabService;c:\program files\common files\gnab\service\servicecontroller.exe [2007-04-13 36864]
S2 srvcPVR;Sceneo PVR Service;c:\program files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [2007-08-16 1681408]
S3 DCamUSBGene;GenesysLogic USB2.0 PC Camera;c:\windows\system32\DRIVERS\usbgene.sys [2007-06-26 131584]
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 23:56]
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 23:56]
.
2011-04-26 c:\windows\Tasks\User_Feed_Synchronization-{3BC906B6-DBF1-4D93-BFD3-20BEBE5F3A0C}.job
- c:\windows\system32\msfeedssync.exe [2008-07-05 07:33]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to Mp3 Converter - c:\users\Stoni\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites
TCP: {230E5809-FD3B-4D5B-903D-C6C0EF0E8EB7} = 62.109.123.7 213.191.92.86
FF - ProfilePath - c:\users\Stoni\AppData\Roaming\Mozilla\Firefox\Profiles\ag8h20us.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-{8AE076C7-B185-5964-8D3D-ADCC7D0030C5} - c:\users\Stoni\AppData\Roaming\Ilgece\ulwyy.exe
HKCU-Run-4E3E0230AEBB4E96 - c:\recycle.bin\Recycle.Bin.exe
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
MSConfigStartUp-ICQ - c:\program files\ICQ6.5\ICQ.exe
MSConfigStartUp-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
MSConfigStartUp-RemoteControl - c:\program files\HomeCinema\PowerDVD\PDVDServ.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-04-27 19:02
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2015449509-1598251346-3632004687-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:65,8d,f5,5c,34,aa,84,f9,53,6f,0b,2c,6b,dc,d7,44,3c,21,2a,9f,5e,df,fd,
8f,fe,08,25,2b,c8,0c,9e,8e,e9,ba,9a,56,e6,a0,8f,4e,72,e5,0b,cb,79,62,5e,68,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_USERS\S-1-5-21-2015449509-1598251346-3632004687-1003\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:f2,f8,4c,f7,65,94,52,f9,5b,46,8e,ad,e0,36,cd,e8,8d,cb,b4,68,bf,
3c,a3,6d,bb,6b,5d,89,8c,1c,00,6b,d3,6e,c8,7e,2d,d5,15,aa,18,47,27,bf,59,80,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Medion\MEDIONbox\Program\GCS.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\windows\ehome\ehsched.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\sdclt.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-04-27 19:14:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-04-27 17:13
.
Vor Suchlauf: 14 Verzeichnis(se), 79.250.001.920 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 78.648.131.584 Bytes frei
.
- - End Of File - - F9993C2AA6513F6D116FE8CA83CBE268
--- --- --- |
