http://s1139.photobucket.com/user/To...tml?sort=3&o=0
Na geil .. :D
Ist übrigends ein Acer Upgrade Kit.
EDIT: Combofix hat nochmal was gefunden ...
Combofix Logfile: Code:
ComboFix 14-01-16.03 - highend-outlets 20.01.2014 20:32:12.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3003.1760 [GMT 1:00]
ausgeführt von:: C:\Users\Public\Roaming\Intel\Wireless\sessions\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
C:\Users\highend-outlets\AppData\Roaming\fnmod_32.exe
C:\Users\highend-outlets\AppData\Roaming\Gayklu
C:\Users\highend-outlets\AppData\Roaming\Gayklu\ossak.exe
C:\Windows\system32\drivers\ec55e6b546b6bca3.sys . . . . Nicht in der Lage zu löschen
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ec55e6b546b6bca3
-------\Service_ec55e6b546b6bca3
((((((((((((((((((((((( Dateien erstellt von 2013-12-20 bis 2014-01-20 ))))))))))))))))))))))))))))))
2014-01-20 19:43:32 . 2014-01-20 19:52:08 -------- d-----w- C:\Users\highend-outlets\AppData\Local\temp
2014-01-20 19:43:32 . 2014-01-20 19:43:32 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-01-20 19:17:10 . 2014-01-20 19:17:18 -------- d-----w- C:\MGADiagToolOutput
2014-01-20 19:14:24 . 2014-01-20 19:14:24 -------- d-----w- C:\ProgramData\Office Genuine Advantage
2014-01-19 01:02:33 . 2014-01-20 19:44:09 -------- d-----w- C:\Windows\system32\catroot2
2014-01-19 00:56:05 . 2014-01-20 19:46:19 -------- d-----w- C:\Windows\system32\wbem\repository
2014-01-18 19:35:27 . 2014-01-20 17:22:27 -------- d-----w- C:\Users\highend-outlets\AppData\Roaming\Suuzn
2014-01-18 18:57:55 . 2014-01-18 18:57:55 -------- d-----w- C:\Windows\acerTemp
2014-01-18 18:55:33 . 2014-01-18 18:55:33 -------- d-----w- C:\ProgramData\InstallShield
2014-01-18 18:55:14 . 2014-01-18 18:55:14 -------- d-----w- C:\OEM
2014-01-18 18:55:14 . 2007-04-27 23:12:44 78784 ----a-w- C:\Windows\system32\ISUSPM.cpl
2014-01-18 18:55:14 . 2006-09-11 10:56:24 218032 ----a-w- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
2014-01-18 18:55:12 . 2007-04-27 23:12:48 394184 ----a-w- C:\Program Files\Common Files\InstallShield\UpdateService\_isusres.dll
2014-01-18 18:55:12 . 2007-04-27 23:12:46 29640 ----a-w- C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll
2014-01-18 18:19:20 . 2014-01-18 18:19:20 -------- d-----w- C:\Users\highend-outlets\Stuff i wanna keep
2014-01-16 15:46:19 . 2013-12-18 20:10:01 94632 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll
2014-01-11 14:38:37 . 2014-01-19 01:02:06 181064 ----a-w- C:\Windows\PSEXESVC.EXE
2014-01-09 21:46:39 . 2014-01-09 21:46:39 -------- d-----w- C:\Users\highend-outlets\AppData\Local\ElevatedDiagnostics
2014-01-09 11:55:31 . 2014-01-09 11:55:31 -------- d-----w- C:\Users\highend-outlets\AppData\Roaming\Avira
2014-01-09 11:54:55 . 2013-12-09 10:37:18 90400 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
2014-01-09 11:54:54 . 2014-01-09 11:54:54 -------- d-----w- C:\Program Files\Avira
2014-01-09 11:44:23 . 2014-01-09 11:44:23 410528 ----a-w- C:\Windows\system32\drivers\wyytnkxo.sys
2014-01-09 11:41:23 . 2014-01-09 11:41:23 -------- d-----w- C:\Program Files\Common Files\Adobe AIR
2014-01-08 12:50:34 . 2014-01-08 12:50:34 410528 ----a-w- C:\Windows\system32\drivers\xfkeassb.sys
2014-01-08 12:49:24 . 2014-01-08 12:49:24 410528 ----a-w- C:\Windows\system32\drivers\hiwgsrwb.sys
2014-01-07 15:53:56 . 2014-01-07 15:53:56 -------- d-----w- C:\Program Files\ESET
2014-01-06 20:45:28 . 2014-01-06 20:45:28 410528 ----a-w- C:\Windows\system32\drivers\czdmwyqx.sys
2014-01-06 20:45:20 . 2014-01-06 20:45:20 410528 ----a-w- C:\Windows\system32\drivers\tarvowla.sys
2014-01-06 20:45:01 . 2014-01-06 20:45:01 410528 ----a-w- C:\Windows\system32\drivers\vxqrmluf.sys
2014-01-06 20:43:49 . 2014-01-06 20:43:49 410528 ----a-w- C:\Windows\system32\drivers\edhiwysm.sys
2014-01-06 20:29:59 . 2014-01-06 20:29:59 410528 ----a-w- C:\Windows\system32\drivers\bcvzxmte.sys
2014-01-06 14:38:04 . 2014-01-06 14:38:04 410528 ----a-w- C:\Windows\system32\drivers\knikxjfp.sys
2014-01-06 14:35:04 . 2014-01-06 14:35:04 410528 ----a-w- C:\Windows\system32\drivers\rwuxdyqw.sys
2014-01-06 12:59:34 . 2014-01-06 12:59:34 410528 ----a-w- C:\Windows\system32\drivers\dnotgmyj.sys
2014-01-06 12:57:28 . 2014-01-06 12:57:28 410528 ----a-w- C:\Windows\system32\drivers\kpawwwrb.sys
2014-01-06 12:33:09 . 2014-01-06 12:33:09 410528 ----a-w- C:\Windows\system32\drivers\uykbixwg.sys
2014-01-06 12:33:07 . 2014-01-06 12:33:07 -------- d-----w- C:\ProgramData\AVAST Software
2014-01-06 11:13:08 . 2014-01-06 11:13:08 -------- d-----w- C:\Windows\ERUNT
2014-01-06 10:49:16 . 2014-01-10 13:25:33 -------- d-----w- C:\AdwCleaner
2014-01-03 17:01:45 . 2014-01-03 17:01:45 -------- d-----w- C:\Users\highend-outlets\AppData\Roaming\Malwarebytes
2014-01-03 17:01:23 . 2014-01-03 17:01:23 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-03 17:01:21 . 2014-01-03 17:01:26 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-03 17:01:21 . 2013-04-04 13:50:32 22856 ----a-w- C:\Windows\system32\drivers\mbam.sys
2014-01-03 10:19:54 . 2014-01-10 13:06:11 -------- d-----w- C:\FRST
2014-01-01 18:51:13 . 2014-01-03 17:31:34 -------- d-----w- C:\Users\highend-outlets\AppData\Local\ATworks
2014-01-01 01:03:23 . 2013-12-04 02:57:47 7760024 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7174A49D-C7F8-4593-B64E-EA7BA7D093E6}\mpengine.dll
2013-12-31 19:20:55 . 2014-01-03 17:28:08 -------- d-----w- C:\SIERRA
2013-12-30 12:29:33 . 2014-01-19 12:03:36 -------- d-----w- C:\Program Files\Tales of Pirates II
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
2014-01-09 11:39:55 . 2012-04-13 09:51:35 692616 ----a-w- C:\Windows\system32\FlashPlayerApp.exe
2014-01-09 11:39:55 . 2011-05-26 13:26:24 71048 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-18 09:01:00 . 2012-12-09 11:17:20 135648 ----a-w- C:\Windows\system32\drivers\avipbb.sys
2013-11-25 13:29:24 . 2012-12-09 11:17:20 37352 ----a-w- C:\Windows\system32\drivers\avkmgr.sys
2013-11-19 02:33:38 . 2009-12-12 08:15:11 230048 ----a-w- C:\Windows\system32\MpSigStub.exe
2013-07-19 18:50:27 . 2013-07-19 18:41:48 671261856 ----a-w- C:\Program Files\S4_League.exe
2013-05-25 14:53:34 . 2013-05-25 14:51:22 529007518 ----a-w- C:\Program Files\top2_setup_1.0.63.exe
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-05-14 21:02:48 120104 ----a-w- C:\Program Files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 02:25:11 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-23 12:48:09 39408]
"Spotify Web Helper"="C:\Users\highend-outlets\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-10 15:47:44 1171968]
"ATworks"="C:\Users\highend-outlets\AppData\Local\ATworks\CompatObjclass16.dll" [2014-01-01 18:51:24 25600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-12 00:38:38 186904]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-11 04:11:16 7399968]
"PLFSetI"="C:\Windows\PLFSetI.exe" [2008-07-29 17:29:26 200704]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 18:32:16 1430824]
"LManager"="C:\Program Files\Launch Manager\LManager.exe" [2009-04-09 00:56:14 1071624]
"BackupManagerTray"="C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-05-26 13:26:34 253696]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2009-03-30 19:59:36 62760]
"Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-05-15 20:39:48 440864]
"ODDPwr"="C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-04-29 17:56:28 176128]
"EgisTecLiveUpdate"="C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe" [2009-05-13 17:39:42 199464]
"mwlDaemon"="C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-05-14 21:03:18 345384]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]
"FUFAXSTM"="C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 23:00:00 847872]
"EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 09:12:12 976320]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2010-08-25 18:45:44 136216]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2010-08-25 18:45:36 171032]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2010-08-25 18:45:40 170520]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 10:55:28 937920]
"Eraser"="C:\PROGRA~1\Eraser\Eraser.exe" [2012-05-22 06:13:12 980920]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 07:16:26 254336]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 10:37:18 684600]
"OEM Upgrade DVD"="C:\OEM\Upgrade Kit\DVDMainStart.Launcher.exe" [2009-09-24 13:11:36 410968]
C:\Users\highend-outlets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe [2009-7-15 565248]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^highend-outlets^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
path=C:\Users\highend-outlets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
backup=C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-09-02 11:26:08 138096 ----atw- C:\Users\highend-outlets\AppData\Local\Facebook\Update\FacebookUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12:28 3872080 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-11-06 14:00:34 2090272 ----a-w- C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-05-02 10:25:56 724536 ----a-w- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 15:42:42 20584608 ----a-r- C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-01-10 15:47:46 6118400 ----a-w- C:\Users\highend-outlets\AppData\Roaming\Spotify\spotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-01-10 15:47:44 1171968 ----a-w- C:\Users\highend-outlets\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
--- Andere Dienste/Treiber im Speicher ---
*NewlyCreated* - EC55E6B546B6BCA3
*Deregistered* - ec55e6b546b6bca3
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-20 18:50:17 1211672 ----a-w- C:\Program Files\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
Inhalt des "geplante Tasks" Ordners
2014-01-09 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 09:51:35 . 2014-01-09 11:39:55]
2014-01-05 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-76954294-2760295059-2378521770-1000Core.job
- C:\Users\highend-outlets\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-02 11:26:16 . 2012-09-02 11:26:08]
2014-01-05 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-76954294-2760295059-2378521770-1000UA.job
- C:\Users\highend-outlets\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-02 11:26:16 . 2012-09-02 11:26:08]
2014-01-20 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-17 19:24:55 . 2012-06-17 19:24:53]
2014-01-06 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-17 19:24:55 . 2012-06-17 19:24:53]
2014-01-05 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76954294-2760295059-2378521770-1000Core.job
- C:\Users\highend-outlets\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-06 16:05:13 . 2011-05-06 16:05:07]
2011-05-06 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76954294-2760295059-2378521770-1000UA.job
- C:\Users\highend-outlets\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-06 16:05:13 . 2011-05-06 16:05:07]
2012-05-14 C:\Windows\Tasks\User_Feed_Synchronization-{96A8A4AD-CD8F-4D37-8F51-72C50F28B58B}.job
- C:\Windows\system32\msfeedssync.exe [2011-06-15 05:11:53 . 2011-05-28 04:32:15]
------- Zusätzlicher Suchlauf -------
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_5810t
mStart Page = hxxp://www.yahoo.com
uSearchURL,(Default) = hxxp://go.1und1.de/suchbox/1und1suche?su=%s
IE: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1270B9F4-11CF-4ED7-8A0C-36D3CED1DD4C}: NameServer = 8.8.8.8,8.8.4.4
- - - - Entfernte verwaiste Registrierungseinträge - - - -
HKCU-Run-ossak.exe - C:\Users\highend-outlets\AppData\Roaming\Gayklu\ossak.exe
HKCU-Run-FNModuleUpdater - C:\Users\highend-outlets\AppData\Roaming\fnmod_32.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-01-20 20:52:49
Windows 6.0.6001 Service Pack 1 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\serviceIEConfig]
"ImagePath"="C:\Windows\System32\ieconfig_1und1_svc.exe /startedbyscm:016FE01B-40E31F2D-serviceIEConfig"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="C:\Windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ec55e6b546b6bca3]
"ImagePath"="\SystemRoot\System32\Drivers\ec55e6b546b6bca3.sys"
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,d0,52,6f,e6,98,2b,4b,b3,8e,53,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,d0,52,6f,e6,98,2b,4b,b3,8e,53,\
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'Explorer.exe'(3208)
C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
C:\Program Files\EgisTec\MyWinLocker 3\x86\sysenv.dll
------------------------ Weitere laufende Prozesse ------------------------
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Windows\System32\ieconfig_1und1_svc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\system32\conime.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\wbem\unsecapp.exe
**************************************************************************
Zeit der Fertigstellung: 2014-01-20 20:56:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-01-20 19:56:50
ComboFix2.txt 2014-01-04 17:48:13
Vor Suchlauf: 26 Verzeichnis(se), 104.930.566.144 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 104.772.403.200 Bytes frei
- - End Of File - - 955A7A6C80A18A1E38A68EC8D24336E5
--- --- ---
BEEDF9B7F43A72A91456F7131AFC11B2
[/CODE] |
