Recycler\S-3-4...


28.04.2009, 18:09   #1
Crazy-Devil
Guest poster

Hi, I have the same problem as many others here and have also run ComboFix. I would be glad if one of you could take a look at the log and describe the next steps to me.
Many thanks in advance.

LOG:

ComboFix 09-04-27.04 - CrazyDevil 28.04.2009 17:02.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1655 [GMT 2:00]
ausgeführt von:: d:\eigene dateien\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\beep.sys
.
---- Vorheriger Suchlauf -------
.
C:\Autorun.inf
c:\dokume~1\CRAZYD~1\LOKALE~1\Temp\tmp1.tmp
c:\dokume~1\CRAZYD~1\LOKALE~1\Temp\tmp2.tmp
c:\windows\system32\2499343.dll
c:\windows\system32\drivers\beep.sys
c:\windows\system32\drivers\gxvxcnkdktfoakyabuhtpjynalxdoythmemkd.sys
c:\windows\system32\drivers\gxvxcovrbnmttavnxtuwfhxdulkvxgvdiemen.sys
c:\windows\system32\drivers\gxvxcvmprnmwrtetnmhxxtkbejxtlwxwbwucb.sys
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxchsibqtsbeixikaewcxiwesvbnsflnwpw.dll
c:\windows\system32\kr_done1
D:\Autorun.inf
d:\recycler\S-5-6-49-100001270-100000570-100024255-7212.com
d:\recycler\S-9-1-26-100010049-100004654-100001938-8022.com
J:\Autorun.inf
J:\install.exe
j:\recycler\S-5-6-49-100001270-100000570-100024255-7212.com
j:\recycler\S-9-1-26-100010049-100004654-100001938-8022.com
J:\resycled

.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_GXVXCSERV.SYS


((((((((((((((((((((((( Dateien erstellt von 2009-05-28 bis 2009-4-28 ))))))))))))))))))))))))))))))
.

2009-12-27 19:14 . 2009-12-27 19:14 10251 ----a-w c:\windows\58128zroj5bd9.bin
2009-12-27 16:57 . 2009-12-27 16:57 13173 ----a-w c:\windows\system32\4d79zdd5are201.bin
2009-12-24 19:22 . 2009-12-24 19:22 3003 ----a-w c:\windows\5z72sp9rse32315.exe
2009-12-22 01:37 . 2009-12-22 01:37 9017 ----a-w c:\windows\system32\5fbzba5k9oor1610.bin
2009-12-21 22:41 . 2009-12-21 22:41 17380 ----a-w c:\windows\system32\1d8zsteal9513.exe
2009-12-21 13:03 . 2009-12-21 13:03 7783 ----a-w c:\windows\system32\11738sp5mb9t2z.dll
2009-12-21 07:47 . 2009-12-21 07:47 11855 ----a-w c:\windows\530z9spy9bf.exe
2009-12-18 19:45 . 2009-12-18 19:45 8828 ----a-w c:\windows\system32\18292sp5712z.dll
2009-12-17 18:28 . 2009-12-17 18:28 17032 ----a-w c:\windows\system32\31250v9zus6d2.exe
2009-12-13 04:24 . 2009-12-13 04:24 11383 ----a-w c:\windows\system32\5997addwaze25795.exe
2009-12-09 14:40 . 2009-12-09 14:40 9224 ----a-w c:\windows\system32\15256hzck5oo93dd.dll
2009-12-08 15:34 . 2009-12-08 15:34 6520 ----a-w c:\windows\48695parse760z.exe
2009-12-07 04:26 . 2009-12-07 04:26 9298 ----a-w c:\windows\27660viruz3659.bin
2009-12-07 03:27 . 2009-12-07 03:27 5466 ----a-w c:\windows\system32\7549h9ckz5ol71b.dll
2009-12-06 01:33 . 2009-12-06 01:33 16631 ----a-w c:\windows\3faste9l4z05.bin
2009-12-04 21:03 . 2009-12-04 21:03 4154 ----a-w c:\windows\12582hacz5o9l781.exe
2009-12-04 14:37 . 2009-12-04 14:37 11185 ----a-w c:\windows\69e9downloadez2558.bin
2009-12-04 12:31 . 2009-12-04 12:31 12500 ----a-w c:\windows\1d30zpyw9r51918.exe
2009-12-04 07:54 . 2009-12-04 07:54 14457 ----a-w c:\windows\system32\3403no9-a-5irus35bz.exe
2009-12-01 21:38 . 2009-12-01 21:38 14487 ----a-w c:\windows\system32\61s5y4z89.exe
2009-12-01 15:02 . 2009-12-01 15:02 6283 ----a-w c:\windows\system32\18576s9azbot170.bin
2009-12-01 05:03 . 2009-12-01 05:03 12010 ----a-w c:\windows\34f8t5iez392.bin
2009-11-28 10:17 . 2009-11-28 10:17 2733 ----a-w c:\windows\197dba5kzoor1928.dll
2009-11-26 14:10 . 2009-11-26 14:10 17916 ----a-w c:\windows\system32\2d5fdo5nload9rz225.exe
2009-11-26 02:34 . 2009-11-26 02:34 17340 ----a-w c:\windows\system32\7966spaz5ot627.bin
2009-11-24 19:43 . 2009-11-24 19:43 5849 ----a-w c:\windows\2f05adz9are1647.dll
2009-11-23 17:29 . 2009-11-23 17:29 14972 ----a-w c:\windows\system32\5914szyware1895.exe
2009-11-23 13:42 . 2009-11-23 13:42 10036 ----a-w c:\windows\system32\b55zdd9are5949.bin
2009-11-22 22:41 . 2009-11-22 22:41 2781 ----a-w c:\windows\system32\z045thr9at35095.dll
2009-11-22 03:48 . 2009-11-22 03:48 8637 ----a-w c:\windows\system32\584doznlo9der35.bin
2009-11-14 14:15 . 2009-11-14 14:15 13520 ----a-w c:\windows\system32\54621ha9ktzol726.dll
2009-11-13 02:37 . 2009-11-13 02:37 18239 ----a-w c:\windows\system32\414z9hief3153.exe
2009-11-12 11:52 . 2009-11-12 11:52 11395 ----a-w c:\windows\7599hacktoolz93.exe
2009-11-11 06:22 . 2009-11-11 06:22 12263 ----a-w c:\windows\system32\3c56sparse93z0.bin
2009-11-06 14:59 . 2009-11-06 14:59 5683 ----a-w c:\windows\system32\53254hackto9l7bfz.dll
2009-11-06 13:42 . 2009-11-06 13:42 6245 ----a-w c:\windows\53817hazktool259.bin
2009-11-06 08:09 . 2009-11-06 08:09 9284 ----a-w c:\windows\system32\155985ot-azvirus5c1.bin
2009-11-04 14:02 . 2009-11-04 14:02 3420 ----a-w c:\windows\29c7s9ywzr526.exe
2009-10-27 04:08 . 2009-10-27 04:08 11813 ----a-w c:\windows\1e14back9ozr1935.exe
2009-10-26 23:41 . 2009-10-26 23:41 12750 ----a-w c:\windows\system32\2a645hreatz57759.bin
2009-10-26 15:28 . 2009-10-26 15:28 9009 ----a-w c:\windows\99fth5ef2z08.exe
2009-10-26 02:50 . 2009-10-26 02:50 2765 ----a-w c:\windows\system32\6c8cz9yware1125.bin
2009-10-24 22:56 . 2009-10-24 22:56 3122 ----a-w c:\windows\7408not-a-viru97z5.dll
2009-10-23 16:32 . 2009-10-23 16:32 13516 ----a-w c:\windows\system32\z8491s5y59c.exe
2009-10-22 17:41 . 2009-10-22 17:41 9153 ----a-w c:\windows\6d45zhreat20395.exe
2009-10-21 17:03 . 2009-10-21 17:03 14841 ----a-w c:\windows\system32\279a5ir930z.bin
2009-10-20 05:42 . 2009-10-20 05:42 13997 ----a-w c:\windows\system32\15911t9ojz2a.exe
2009-10-17 17:20 . 2009-10-17 17:20 18234 ----a-w c:\windows\560aback5ozr28629.dll
2009-10-16 21:56 . 2009-10-16 21:56 5616 ----a-w c:\windows\17081worz975.exe
2009-10-15 22:37 . 2009-10-15 22:37 3269 ----a-w c:\windows\system32\193999acztool59a5.exe
2009-10-11 13:45 . 2009-10-11 13:45 3334 ----a-w c:\windows\5aczs5eal9175.exe
2009-10-11 09:01 . 2009-10-11 09:01 15422 ----a-w c:\windows\9z73wo5m195.bin
2009-10-11 03:54 . 2009-10-11 03:54 18174 ----a-w c:\windows\6z675ot-a-virus7e9.bin
2009-10-08 01:29 . 2009-10-08 01:29 11086 ----a-w c:\windows\z95cdownloader6.exe
2009-10-08 01:12 . 2009-10-08 01:12 15407 ----a-w c:\windows\system32\512zthrea95294.exe
2009-10-07 19:47 . 2009-10-07 19:47 3915 ----a-w c:\windows\48589hreatz874.bin
2009-10-07 01:45 . 2009-10-07 01:45 17513 ----a-w c:\windows\9315not-a-virus47bz.exe
2009-10-05 06:47 . 2009-10-05 06:47 7602 ----a-w c:\windows\system32\z9463wo596e.exe
2009-10-03 20:41 . 2009-10-03 20:41 2943 ----a-w c:\windows\9ca5viz703.bin
2009-10-02 21:55 . 2009-10-02 21:55 11359 ----a-w c:\windows\system32\6e57tzi951341.bin
2009-09-24 09:39 . 2009-09-24 09:39 6798 ----a-w c:\windows\system32\296bazkdoor257.exe
2009-09-23 13:05 . 2009-09-23 13:05 7748 ----a-w c:\windows\24838nzt5a-virus3039.dll
2009-09-19 01:46 . 2009-09-19 01:46 14730 ----a-w c:\windows\762fste9l5z92.bin
2009-09-17 17:05 . 2009-09-17 17:05 5002 ----a-w c:\windows\system32\8516noz-a-viru945d.dll
2009-09-17 15:25 . 2009-09-17 15:25 2640 ----a-w c:\windows\1384worz598.bin
2009-09-10 21:15 . 2009-09-10 21:15 14001 ----a-w c:\windows\49e9threaz26504.dll
2009-09-10 05:43 . 2009-09-10 05:43 17921 ----a-w c:\windows\363fs9yware1z50.dll
2009-09-10 01:22 . 2009-09-10 01:22 14576 ----a-w c:\windows\55a49parse2z65.bin
2009-09-09 06:03 . 2009-09-09 06:03 13845 ----a-w c:\windows\6599bzckdoor689.exe
2009-09-08 02:00 . 2009-09-08 02:00 9283 ----a-w c:\windows\system32\5ce3thr9az98925.exe
2009-09-07 18:25 . 2009-09-07 18:25 6299 ----a-w c:\windows\13z95worm73c.bin
2009-09-06 18:52 . 2009-09-06 18:52 2657 ----a-w c:\windows\system32\z576hackt9ol13f.dll
2009-09-06 12:40 . 2009-09-06 12:40 9954 ----a-w c:\windows\system32\96949pamboz56.exe
2009-09-03 21:19 . 2009-09-03 21:19 10233 ----a-w c:\windows\system32\69159teal269z.bin
2009-09-03 13:51 . 2009-09-03 13:51 3694 ----a-w c:\windows\system32\9z609pam5ot1c7.bin
2009-09-02 14:28 . 2009-09-02 14:28 14659 ----a-w c:\windows\3z455s9y788.exe
2009-08-24 03:18 . 2009-08-24 03:18 16736 ----a-w c:\windows\27521trojz9.dll
2009-08-20 17:14 . 2009-08-20 17:14 9754 ----a-w c:\windows\system32\260bzow5loa9er659.exe
2009-08-19 09:02 . 2009-08-19 09:02 14311 ----a-w c:\windows\system32\8958wzrm3af9.dll
2009-08-18 04:42 . 2009-08-18 04:42 4794 ----a-w c:\windows\system32\9be4stzal2655.dll
2009-08-17 17:53 . 2009-08-17 17:53 13425 ----a-w c:\windows\system32\69e5tzief851.bin
2009-08-17 00:14 . 2009-08-17 00:14 17048 ----a-w c:\windows\system32\595bzir5619.dll
2009-08-16 08:38 . 2009-08-16 08:38 9229 ----a-w c:\windows\system32\9140zhacktoo5768.exe
2009-08-10 14:03 . 2009-08-10 14:03 11489 ----a-w c:\windows\8295zroja5.bin
2009-08-07 00:17 . 2009-08-07 00:17 11037 ----a-w c:\windows\233579azk5ool65.dll
2009-08-06 10:48 . 2009-08-06 10:48 2646 ----a-w c:\windows\1799not-a-viruz945.dll
2009-08-04 18:21 . 2009-08-04 18:21 5900 ----a-w c:\windows\zb0thi9f550.bin
2009-08-04 15:28 . 2009-08-04 15:28 17944 ----a-w c:\windows\3571addza5e1795.bin
2009-08-02 19:59 . 2009-08-02 19:59 4746 ----a-w c:\windows\system32\29796spy35az.dll
2009-08-02 08:04 . 2009-08-02 08:04 6137 ----a-w c:\windows\2c65th9e51z97.exe
2009-07-27 16:40 . 2009-07-27 16:40 17491 ----a-w c:\windows\system32\17339vi9zs50c.exe
2009-07-21 18:00 . 2009-07-21 18:00 8539 ----a-w c:\windows\system32\2555zir9737.dll
2009-07-20 01:27 . 2009-07-20 01:27 12273 ----a-w c:\windows\9ff1spyware1564z.dll
2009-07-19 07:16 . 2009-07-19 07:16 10829 ----a-w c:\windows\system32\17598s5y590z.exe
2009-07-18 08:38 . 2009-07-18 08:38 6032 ----a-w c:\windows\1z9095roj59e.exe
2009-07-18 06:52 . 2009-07-18 06:52 12185 ----a-w c:\windows\35abackdzo59452.bin
2009-07-17 11:31 . 2009-07-17 11:31 17244 ----a-w c:\windows\system32\455b9zr798.exe
2009-07-15 23:15 . 2009-07-15 23:15 13261 ----a-w c:\windows\3b1bspz9ar52660.dll
2009-07-15 17:37 . 2009-07-15 17:37 3427 ----a-w c:\windows\20553wzr54699.exe
2009-07-15 00:31 . 2009-07-15 00:31 8197 ----a-w c:\windows\system32\1872virus59z.bin
2009-07-11 16:15 . 2009-07-11 16:15 11412 ----a-w c:\windows\system32\32159h5cktooz41c.bin
2009-07-09 18:40 . 2009-07-09 18:40 7605 ----a-w c:\windows\29059virzs5f9.exe
2009-07-07 07:52 . 2009-07-07 07:52 5946 ----a-w c:\windows\system32\30025spam9ot3z5.dll
2009-07-06 09:03 . 2009-07-06 09:03 10685 ----a-w c:\windows\system32\569faddwar529z9.bin
2009-07-05 13:47 . 2009-07-05 13:47 7236 ----a-w c:\windows\system32\2193zpy250.bin
2009-07-05 04:59 . 2009-07-05 04:59 3077 ----a-w c:\windows\system32\96fspywa5ez515.dll
2009-07-02 23:55 . 2009-07-02 23:55 11931 ----a-w c:\windows\system32\29771no5-z-virus58a.exe
2009-07-01 20:17 . 2009-07-01 20:17 3436 ----a-w c:\windows\10968trojz59.exe
2009-06-24 21:32 . 2009-06-24 21:32 5554 ----a-w c:\windows\system32\7988downloader259z.dll
2009-06-24 21:11 . 2009-06-24 21:11 8436 ----a-w c:\windows\system32\63spa5zot690.dll
2009-06-24 11:38 . 2009-06-24 11:38 7870 ----a-w c:\windows\system32\8543not-azvirus1bf9.exe
2009-06-21 22:55 . 2009-06-21 22:55 15126 ----a-w c:\windows\system32\1495pyware1z39.dll
2009-06-18 18:44 . 2009-06-18 18:44 14727 ----a-w c:\windows\system32\19fcste5z502.exe
2009-06-15 16:42 . 2009-06-15 16:42 16034 ----a-w c:\windows\2a96threat1z0035.dll
2009-06-15 14:01 . 2009-06-15 14:01 9416 ----a-w c:\windows\544zhacktool4c9.bin
2009-06-14 20:13 . 2009-06-14 20:13 3224 ----a-w c:\windows\system32\16d3spyware59z.bin
2009-06-12 20:22 . 2009-06-12 20:22 17596 ----a-w c:\windows\system32\9853trojz15.dll
2009-06-12 07:29 . 2009-06-12 07:29 16701 ----a-w c:\windows\system32\9156addwar5z387.bin
2009-06-09 17:52 . 2009-06-09 17:52 10684 ----a-w c:\windows\system32\158z6tro9353.exe
2009-06-08 17:01 . 2009-06-08 17:01 2790 ----a-w c:\windows\system32\59z9v9r16.bin
2009-06-04 11:30 . 2009-06-04 11:30 10663 ----a-w c:\windows\24581t95jz07.exe
2009-06-02 11:04 . 2009-06-02 11:04 3729 ----a-w c:\windows\system32\7z59vir1795.dll
2009-06-02 10:57 . 2009-06-02 10:57 7126 ----a-w c:\windows\3925sp5rse108z.bin
2009-06-02 01:39 . 2009-06-02 01:39 3220 ----a-w c:\windows\71725pambo9z3d.exe
2009-05-25 02:14 . 2009-05-25 02:14 3875 ----a-w c:\windows\system32\8635t9oj6zd.exe

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-28 14:56 . 2008-04-14 12:00 70778 ----a-w c:\windows\system32\perfc007.dat
2009-04-28 14:56 . 2008-04-14 12:00 405448 ----a-w c:\windows\system32\perfh007.dat
2009-04-28 14:02 . 2009-04-28 13:52 -------- d-----w d:\programme\WiniBlueSoft
2009-04-27 16:18 . 2009-04-27 16:18 444952 ----a-w c:\windows\system32\wrap_oal.dll
2009-04-27 16:18 . 2009-04-27 16:18 109080 ----a-w c:\windows\system32\OpenAL32.dll
2009-04-27 16:18 . 2009-04-27 16:18 -------- d-----w d:\programme\OpenAL
2009-04-27 16:10 . 2009-04-26 13:08 -------- d--h--w d:\programme\InstallShield Installation Information
2009-04-27 15:55 . 2009-04-27 15:43 -------- d-----w d:\programme\Winamp
2009-04-27 12:37 . 2009-04-26 12:27 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-27 11:20 . 2009-04-26 13:08 -------- d-----w d:\programme\Gemeinsame Dateien\InstallShield
2009-04-26 13:19 . 2009-04-26 13:19 -------- d-----w d:\programme\PC Inspector File Recovery
2009-04-26 13:16 . 2009-04-26 13:16 12328 ----a-w c:\dokumente und einstellungen\CrazyDevil\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2009-04-26 13:15 . 2009-04-26 13:15 0 ----a-w c:\windows\ativpsrm.bin
2009-04-26 13:10 . 2009-04-26 13:10 -------- d-----w d:\programme\Desktop
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\ATI Technologies
2009-04-26 13:08 . 2009-04-26 12:44 -------- d-----w d:\programme\ASUS
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\Gemeinsame Dateien\Dienste
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\Gemeinsame Dateien\ATI Technologies
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\microsoft frontpage
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\Intel
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\Online-Dienste
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\Realtek
2009-04-26 13:08 . 2009-04-26 13:08 -------- d-----w d:\programme\TuneUp Utilities 2009
2009-04-26 13:06 . 2009-04-26 13:06 -------- d-----w d:\programme\Free Download Manager
2009-04-26 13:03 . 2009-04-26 13:03 604416 ----a-w c:\windows\system32\TUProgSt.exe
2009-04-26 13:03 . 2009-04-26 13:03 360704 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-04-26 12:42 . 2009-04-26 12:42 -------- d-----w d:\programme\Marvell
2009-04-26 12:37 . 2009-04-26 12:37 315392 ----a-w c:\windows\HideWin.exe
2009-04-26 12:27 . 2008-04-14 12:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-04-26 12:25 . 2009-04-26 12:25 21740 ----a-w c:\windows\system32\emptyregdb.dat
2009-04-23 20:40 . 2009-04-23 20:40 10623 ----a-w c:\windows\25z93not-a-virus975.exe
2009-04-21 06:42 . 2009-04-21 06:42 13586 ----a-w c:\windows\system32\49c5vzr2531.dll
2009-04-20 13:04 . 2009-04-20 13:04 6568 ----a-w c:\windows\system32\12818hzck5o9l32f.bin
2009-04-18 06:24 . 2009-04-18 06:24 10994 ----a-w c:\windows\system32\59cev5rz591.dll
2009-04-15 02:59 . 2009-04-15 02:59 11089 ----a-w c:\windows\system32\25790sp5750z.bin
2009-04-14 18:18 . 2009-04-14 18:18 41808 ----a-w c:\windows\system32\xfcodec.dll
2009-04-13 03:46 . 2009-04-13 03:46 8234 ----a-w c:\windows\7z56s9eal1928.exe
2009-04-11 08:27 . 2009-04-11 08:27 3356 ----a-w c:\windows\system32\35a9addwar92z635.bin
2009-04-05 20:35 . 2009-04-05 20:35 14167 ----a-w c:\windows\system32\11541wzr96b5.exe
2009-04-04 00:49 . 2009-04-04 00:49 7542 ----a-w c:\windows\1597backdoor5084z.exe
2009-04-03 02:21 . 2009-04-03 02:21 13747 ----a-w c:\windows\system32\3f9cth9e5636z.dll
2009-03-28 09:33 . 2009-03-28 09:33 4561 ----a-w c:\windows\zd25threat479.bin
2009-03-28 08:09 . 2009-03-28 08:09 11798 ----a-w c:\windows\94406viruszd25.exe
2009-03-27 19:22 . 2009-03-27 19:22 10167 ----a-w c:\windows\system32\885spy61z9.bin
2009-03-27 11:30 . 2009-03-27 11:30 4278 ----a-w c:\windows\system32\95fftzreat15649.dll
2009-03-26 00:57 . 2009-03-26 00:57 16107 ----a-w c:\windows\system32\3z75vir9s6ee5.dll
2009-03-23 10:42 . 2009-03-23 10:42 18222 ----a-w c:\windows\system32\638aspzrs52379.bin
2009-03-21 06:20 . 2009-03-21 06:20 8338 ----a-w c:\windows\system32\6dz5spyware796.dll
2009-03-20 13:01 . 2009-04-26 13:03 28416 ----a-w c:\windows\system32\uxtuneup.dll
2009-03-17 19:41 . 2009-03-17 19:41 3668 ----a-w c:\windows\system32\6835vi9z46.exe
2009-03-17 19:05 . 2009-04-26 12:47 593920 ------w c:\windows\system32\ati2sgag.exe
2009-03-16 21:33 . 2008-06-03 06:20 3597312 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-03-16 20:27 . 2009-04-26 12:47 442368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-03-16 20:26 . 2008-06-03 03:21 328704 ----a-w c:\windows\system32\ati2dvag.dll
2009-03-16 20:17 . 2009-04-26 12:47 307200 ----a-w c:\windows\system32\atiiiexx.dll
2009-03-16 20:17 . 2008-06-03 03:11 204800 ----a-w c:\windows\system32\atipdlxx.dll
2009-03-16 20:16 . 2008-06-03 03:11 155648 ----a-w c:\windows\system32\Oemdspif.dll
2009-03-16 20:16 . 2008-06-03 03:11 26112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-03-16 20:16 . 2008-06-03 03:11 43520 ----a-w c:\windows\system32\ati2edxx.dll
2009-03-16 20:16 . 2008-06-03 03:11 155648 ----a-w c:\windows\system32\ati2evxx.dll
2009-03-16 20:15 . 2008-06-03 03:09 602112 ----a-w c:\windows\system32\ati2evxx.exe
2009-03-16 20:13 . 2008-06-03 03:08 53248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-03-16 20:06 . 2008-06-03 02:59 3820736 ----a-w c:\windows\system32\ati3duag.dll
2009-03-16 20:04 . 2009-03-16 20:04 11563008 ----a-w c:\windows\system32\atioglxx.dll
2009-03-16 19:53 . 2008-06-03 02:48 2675328 ----a-w c:\windows\system32\ativvaxx.dll
2009-03-16 19:40 . 2009-03-16 19:40 49664 ----a-w c:\windows\system32\atimpc32.dll
2009-03-16 19:40 . 2008-06-03 02:33 49664 ----a-w c:\windows\system32\amdpcom32.dll
2009-03-16 19:36 . 2008-06-03 02:29 475136 ----a-w c:\windows\system32\atikvmag.dll
2009-03-16 19:35 . 2008-06-03 03:04 303104 ----a-w c:\windows\system32\atiok3x2.dll
2009-03-16 19:35 . 2009-03-16 19:35 45056 ----a-w c:\windows\system32\aticalrt.dll
2009-03-16 19:35 . 2008-06-03 02:28 131072 ----a-w c:\windows\system32\atiadlxx.dll
2009-03-16 19:34 . 2009-03-16 19:34 45056 ----a-w c:\windows\system32\aticalcl.dll
2009-03-16 19:34 . 2008-06-03 02:28 17408 ----a-w c:\windows\system32\atitvo32.dll
2009-03-16 19:34 . 2008-06-03 02:27 53248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2009-03-16 19:33 . 2009-03-16 19:33 3264512 ----a-w c:\windows\system32\aticaldd.dll
2009-03-16 19:28 . 2008-06-03 02:21 630784 ----a-w c:\windows\system32\ati2cqag.dll
2009-03-13 04:00 . 2009-03-13 04:00 3973 ----a-w c:\windows\system32\28z59sp5310.dll
2009-03-11 00:25 . 2009-03-11 00:25 10050 ----a-w c:\windows\system32\2977spar5e1957z.bin
2009-03-10 09:12 . 2009-03-10 09:12 5211 ----a-w c:\windows\4d955hiefz16.dll
2009-03-10 08:44 . 2009-03-10 08:44 13205 ----a-w c:\windows\system32\3bd3s9ywar512z.bin
2009-03-08 16:26 . 2009-03-08 16:26 2957 ----a-w c:\windows\system32\399z95y355.bin
2009-03-07 22:36 . 2009-03-07 22:36 10719 ----a-w c:\windows\14z9459ambot435.bin
2009-03-07 15:28 . 2009-03-07 15:28 5112 ----a-w c:\windows\system32\z4942spy43f5.exe
2009-03-07 06:02 . 2009-03-07 06:02 4847 ----a-w c:\windows\12573noz-9-vi5us669.exe
2009-03-06 20:47 . 2009-03-06 20:47 7067 ----a-w c:\windows\92c4thzef3185.exe
2009-03-05 01:14 . 2009-03-05 01:14 16254 ----a-w c:\windows\8970sp5m9ot748z.bin
2009-03-04 02:03 . 2009-03-04 02:03 6345 ----a-w c:\windows\d9zspyw5re942.dll
2009-03-03 19:56 . 2009-03-03 19:56 118784 ----a-w c:\windows\system32\atibtmon.exe
2009-03-03 08:47 . 2009-03-03 08:47 7255 ----a-w c:\windows\1758wozm491.dll
2009-03-03 01:04 . 2009-03-03 01:04 7266 ----a-w c:\windows\13abba9k5zor1370.dll
2009-02-28 19:28 . 2009-02-28 19:28 11838 ----a-w c:\windows\49zasteal15589.exe
2009-02-27 16:27 . 2009-02-27 16:27 10115 ----a-w c:\windows\system32\72ezt9ief935.exe
2009-02-27 08:07 . 2009-02-27 08:07 4202 ----a-w c:\windows\system32\ed0down5o9derz944.exe
2009-02-27 06:10 . 2009-02-27 06:10 3927 ----a-w c:\windows\system32\z55d9ir2256.dll
2009-02-23 21:39 . 2009-04-26 12:47 184394 ----a-w c:\windows\system32\atiicdxx.dat
2009-02-22 15:00 . 2009-02-22 15:00 9632 ----a-w c:\windows\system32\55609tealz81.dll
2009-02-22 07:42 . 2009-02-22 07:42 9385 ----a-w c:\windows\system32\35947trojz7.dll
2009-02-19 20:03 . 2009-02-19 20:03 8974 ----a-w c:\windows\2943th5ef26z2.bin
2009-02-19 14:47 . 2009-02-19 14:47 7691 ----a-w c:\windows\7584st9az3186.dll
2009-02-18 17:55 . 2007-08-21 21:51 294912 ----a-w c:\windows\system32\ATIODE.exe
.

------- Sigcheck -------

[-] 2008-04-14 12:00 17408 D41D8CD98F00B204E9800998ECF8427E c:\windows\system32\svchost.exe

[-] 2008-04-14 12:00 516096 D41D8CD98F00B204E9800998ECF8427E c:\windows\system32\winlogon.exe

[-] 2008-04-14 12:00 1039360 D41D8CD98F00B204E9800998ECF8427E c:\windows\explorer.exe

[-] 2008-04-14 12:00 111104 D41D8CD98F00B204E9800998ECF8427E c:\windows\system32\services.exe

[-] 2008-04-14 12:00 14848 D41D8CD98F00B204E9800998ECF8427E c:\windows\system32\lsass.exe

[-] 2008-04-14 12:00 58880 D41D8CD98F00B204E9800998ECF8427E c:\windows\system32\spoolsv.exe

[-] 2008-04-14 12:00 1571840 E7EF7580241236552C7114FC71166CB6 c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Free Download Manager"="d:\programme\Free Download Manager\fdm.exe" [2009-01-31 3399727]
"DAEMON Tools Lite"="d:\programme\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"setup2.exe"="c:\windows\system32\setup2.exe" [2009-04-28 1097216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="d:\programme\ASUS\EPU-6 Engine\SixEngine.exe" [2008-06-02 5964800]
"avgnt"="d:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-05-16 16862720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\dokumente und einstellungen\CrazyDevil\Startmen\Programme\Autostart\
Xfire.lnk - d:\programme\Xfire\Xfire.exe [2009-4-14 3111248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"dqXcZNH"= {F8A72569-520D-8FC3-23ED-8222C5E99586} - c:\windows\System32\sc.dll [2008-04-14 32768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys]
@="beep"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SharedAccess"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programme\\Xfire\\Xfire.exe"=
"d:\\Games\\GRID\\GRID.exe"=

S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [2008-06-10 150568]
S2 AntiVirSchedulerService;Avira AntiVir Planer;d:\programme\Avira\AntiVir Desktop\sched.exe [2009-04-28 108289]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-04-26 604416]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-05-20 93696]
S3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\l1e51x86.sys [2008-02-02 36864]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d56e34d-326b-11de-bfd9-806d6172696f}]
\Shell\AutoRun\command - J:\AUTORUN.EXE
.
Inhalt des "geplante Tasks" Ordners

2009-04-28 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2009\OneClickStarter.exe [2009-03-20 13:17]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Alles mit FDM herunterladen - file://d:\programme\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://d:\programme\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://d:\programme\Free Download Manager\dllink.htm
IE: Videos mit FDM herunterladen - file://d:\programme\Free Download Manager\dlfvideo.htm
FF - ProfilePath - d:\eigene dateien\Anwendungsdaten\Mozilla\Firefox\Profiles\e2dc8bri.default\
FF - plugin: c:\programme\Windows Media Player\npdrmv2.dll
FF - plugin: c:\programme\Windows Media Player\npdsplay.dll
FF - plugin: c:\programme\Windows Media Player\npwmsdrm.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 17:05
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(576)
d:\programme\Xfire\xfire_toucan_36650.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
d:\programme\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-04-28 17:05 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-04-28 15:05

Vor Suchlauf: 4.358.938.624 Bytes frei
Nach Suchlauf: 4.356.792.320 Bytes frei
