herzlichen Dank für die Hilfe so weit...
das wäre jetzt log.txt
Combofix Logfile: Code:
ComboFix 12-03-04.01 - ambros 04.03.2012 22:06:09.1.2 - x86
ausgeführt von:: c:\users\ambros\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton Internet Security *Enabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ambros\AppData\Local\vorbis.dll
c:\users\ambros\AppData\Local\vorbisenc.dll
c:\users\ambros\AppData\Local\vorbisfile.dll
c:\users\ambros\Civilization3.exe
c:\users\ambros\Favorites\Documents\~WRL0003.tmp
c:\users\ambros\Favorites\Documents\~WRL0004.tmp
c:\users\ambros\Favorites\Documents\~WRL0012.tmp
c:\users\ambros\Favorites\Documents\~WRL0055.tmp
c:\users\ambros\Favorites\Documents\~WRL0094.tmp
c:\users\ambros\Favorites\Documents\~WRL0409.tmp
c:\users\ambros\Favorites\Documents\~WRL0499.tmp
c:\users\ambros\Favorites\Documents\~WRL0961.tmp
c:\users\ambros\Favorites\Documents\~WRL1776.tmp
c:\users\ambros\Favorites\Documents\~WRL2072.tmp
c:\users\ambros\Favorites\Documents\~WRL2606.tmp
c:\users\ambros\Favorites\Documents\~WRL3269.tmp
c:\users\ambros\Favorites\Documents\~WRL3325.tmp
c:\users\ambros\Favorites\Documents\~WRL3417.tmp
c:\users\ambros\Favorites\Documents\~WRL3634.tmp
c:\users\ambros\Favorites\Documents\~WRL3684.tmp
c:\users\ambros\Favorites\Documents\~WRL3707.tmp
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-04 bis 2012-03-04 ))))))))))))))))))))))))))))))
.
.
2012-03-04 21:22 . 2012-03-04 21:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-04 21:22 . 2012-03-04 21:22 -------- d-----w- c:\users\rx\AppData\Local\temp
2012-03-04 19:52 . 2009-09-10 13:55 102912 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-03-04 19:52 . 2009-07-24 14:51 101248 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2012-03-04 19:52 . 2009-06-22 19:01 112128 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-03-04 19:52 . 2007-08-09 03:06 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-03-03 20:40 . 2009-10-29 18:28 9216 ----a-w- c:\windows\system32\drivers\massfilter.sys
2012-03-03 20:40 . 2009-10-29 18:28 105088 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
2012-03-03 20:40 . 2009-10-29 18:28 105088 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
2012-03-03 20:40 . 2009-10-29 18:28 105088 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
2012-03-03 20:39 . 2012-03-03 20:39 -------- d-----w- c:\windows\system32\SupportAppCB
2012-03-03 20:39 . 2012-03-03 20:39 -------- d-----w- c:\program files\Join Air
2012-03-02 22:28 . 2012-03-02 22:28 -------- d-----w- c:\programdata\Avira
2012-03-02 22:28 . 2012-03-02 22:28 -------- d-----w- c:\program files\Avira
2012-03-02 21:44 . 2012-03-02 21:45 -------- d-----w- c:\users\SatorArepo
2012-03-01 18:49 . 2012-03-01 18:49 -------- d-----w- c:\users\Ovid
2012-03-01 17:34 . 2012-03-01 17:34 -------- d-----w- c:\users\rx\AppData\Local\Google
2012-03-01 17:34 . 2012-03-01 17:34 -------- d-----w- c:\users\rx\AppData\Local\AOL
2012-02-21 22:54 . 2011-12-14 02:50 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-21 18:44 . 2012-02-21 18:44 -------- d-----w- c:\program files\Skispringen 2006 Demo
2012-02-21 18:06 . 2012-02-21 18:06 -------- d-----w- c:\program files\Deluxe Ski Jump 4
2012-02-16 18:36 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 18:36 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 18:33 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-02-16 08:29 . 2007-04-30 19:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP92.DLL
2012-02-16 08:29 . 2007-04-30 19:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD92.DLL
2012-02-16 08:27 . 2007-04-30 19:00 215040 ----a-w- c:\windows\system32\CNMLM92.DLL
2012-02-04 15:04 . 2012-03-03 18:26 -------- d-----r- c:\users\ambros\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-04 20:53 . 2008-06-13 02:55 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-29 04:10 . 2009-10-02 20:51 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-06 04:19 . 2012-03-03 18:47 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A002DDFE-D8F9-46E6-9579-8BC4E23D18A4}\mpengine.dll
2011-12-20 10:37 . 2011-12-20 10:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 08:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\ambros\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\ambros\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\ambros\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-03-19 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-22 39408]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"lxdpmon.exe"="c:\program files\Lexmark Z2300 Series\lxdpmon.exe" [2008-03-27 656040]
"EzPrint"="c:\program files\Lexmark Z2300 Series\ezprint.exe" [2008-03-27 107176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
.
c:\users\ambros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\ambros\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
FIFA 09-Registrierung.lnk - c:\program files\EA SPORTS\FIFA 09\Support\EAregister.exe [2008-8-13 4369408]
FIFA 11-Registrierung.lnk - c:\program files\EA SPORTS\FIFA 11\Support\EAregister.exe [2010-9-10 4407808]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
Registration Assassin's Creed.LNK - d:\assassin's creed\Register\RegistrationReminder.exe [2012-1-20 967304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-02 81920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - COMHOST
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-03-19 09:15 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-22 21:01]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-14 09:14]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-14 09:14]
.
2012-02-23 c:\windows\Tasks\HPCeeScheduleForambros.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-13 13:14]
.
2010-12-18 c:\windows\Tasks\User_Feed_Synchronization-{D25907D5-CBA6-4AFE-B903-A4A2E18B8E63}.job
- c:\windows\system32\msfeedssync.exe [2012-02-21 07:35]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.stift-kremsmuenster.at/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=Pavilion&pf=cnnb
IE: &AOL Toolbar-Suche - c:\programdata\AOL\ieToolbar\resources\de-AT\local\search.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\ambros\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\ambros\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\ambros\AppData\Roaming\Mozilla\Firefox\Profiles\hiyebr87.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.stift-kremsmuenster.at/
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
HKLM-Run-Lexmark X1100 Series - c:\program files\Lexmark X1100 Series\lxbkbmgr.exe
AddRemove-AVerMedia A309 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A309 (MiniCard
AddRemove-Direktfotosystem2_is1 - h:\hartlauerfotoservice3\unins000.exe
AddRemove-GameCenter - c:\program files\Cyanide\GameCenter\uninstall.exe
AddRemove-Pro Cycling Manager - c:\program files\Cyanide\Radsportmanager Pro 2005-2006\uninstall.exe
AddRemove-Savoluca German 2006 DB v2.0 - c:\program files\Cyanide\Radsportmanager Pro 2005-2006\Uninstal.exe
AddRemove-SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D} - c:\program files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\Setup.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-320825625-2981028103-1688675666-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,e5,3e,fb,c0,82,03,bb,1f,1a,03,5d,ab,3b,53,eb,3f,57,89,b4,e2,
7d,ec,df,e6,db,f9,d1,ac,a3,87,b7,2d,96,70,5f,87,47,02,80,e8,6a,ee,a9,0b,87,\
"rkeysecu"=hex:7f,1d,a7,0d,3e,2d,c9,ed,08,d4,07,d8,98,6c,a4,13
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4088)
c:\users\ambros\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\btncopy.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\System32\LEXBCES.EXE
c:\windows\System32\LEXPPS.EXE
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\lxdpcoms.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wermgr.exe
c:\windows\System32\vdsldr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-04 22:39:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-03-04 21:38
.
Vor Suchlauf: 9.944.678.400 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 24.766.148.608 Bytes frei
.
- - End Of File - - C7CD0DBFE90EBD25BB020E99E537E7C1
--- --- --- |
