Infection?


Hey! My computer has been going crazy for the last 2 weeks, so I downloaded ComboFix because all the other malware cleaners I tried didn't do or fix anything. The thing is, I don't know what all the things in the log file are, so I wanted to ask if someone could help me encrypt this file :P The log says this:

 

ComboFix 14-07-21.01 - Niko 21-Jul-14  13:57:36.1.8 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8081.4994 [GMT 2:00]
ausgeführt von:: c:\users\Niko\Downloads\ComboFix.exe
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\2328383708
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-21 bis 2014-07-21  ))))))))))))))))))))))))))))))
.
.
2014-07-21 10:34 . 2014-07-21 10:34 -------- d-----w- c:\programdata\Gibraltar
2014-07-19 20:30 . 2014-07-19 20:30 -------- d-----w- c:\programdata\Riot Games
2014-07-18 12:48 . 2014-07-21 11:52 -------- d-----w- c:\users\Niko\AppData\Roaming\Dropbox
2014-07-18 11:34 . 2014-07-18 11:34 -------- d-----w- c:\users\Niko\AppData\Local\Facebook
2014-07-17 17:03 . 2014-07-17 17:03 -------- d-----w- c:\program files\CCleaner
2014-07-17 14:30 . 2013-09-20 08:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2014-07-17 14:30 . 2014-07-21 11:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-07-17 14:30 . 2014-07-17 14:31 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-07-16 16:12 . 2014-07-21 11:33 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-16 16:12 . 2014-07-16 16:12 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-16 16:12 . 2014-07-16 16:12 -------- d-----w- c:\programdata\Malwarebytes
2014-07-16 16:12 . 2014-05-12 05:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-16 16:12 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-16 16:12 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-11 11:03 . 2014-07-11 11:03 -------- d-----w- c:\users\Niko\AppData\Roaming\OpenOffice
2014-07-11 11:02 . 2014-07-11 11:02 -------- d-----w- c:\program files (x86)\OpenOffice 4
2014-07-11 10:36 . 2014-07-11 10:37 -------- d-s---w- c:\windows\system32\CompatTel
2014-07-10 20:32 . 2010-06-02 02:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2014-07-10 20:32 . 2010-06-02 02:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2014-07-10 20:32 . 2010-05-26 09:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2014-07-10 20:32 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll
2014-07-10 20:32 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2014-07-10 20:32 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2014-07-10 20:32 . 2010-02-04 08:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2014-07-10 20:32 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2014-07-10 20:32 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2014-07-10 20:32 . 2010-02-04 08:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2014-07-10 20:32 . 2010-02-04 08:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2014-07-10 20:32 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2014-07-10 20:30 . 2008-03-05 13:56 1860120 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2014-07-10 19:10 . 2014-07-21 10:30 -------- d-----w- c:\program files (x86)\Steam
2014-07-10 19:05 . 2014-07-18 12:24 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-07-09 15:03 . 2014-06-30 22:42 394240 ----a-w- c:\windows\system32\devinv.dll
2014-07-09 15:03 . 2014-06-30 22:42 87552 ----a-w- c:\windows\system32\aepic.dll
2014-07-09 15:03 . 2014-06-30 22:42 702464 ----a-w- c:\windows\system32\aepdu.dll
2014-07-09 15:03 . 2014-06-28 03:35 556544 ----a-w- c:\windows\system32\aeinv.dll
2014-07-09 13:17 . 2014-05-29 23:02 1281536 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 13:17 . 2014-05-29 23:31 452608 ----a-w- c:\windows\SysWow64\SHCore.dll
2014-07-09 13:17 . 2014-05-29 23:03 588288 ----a-w- c:\windows\system32\SHCore.dll
2014-07-09 13:17 . 2014-05-29 23:02 439808 ----a-w- c:\windows\system32\lsm.dll
2014-07-09 12:28 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 12:28 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-07 20:52 . 2014-07-07 20:52 -------- d-----w- c:\users\Niko\AppData\Local\WinZip
2014-07-04 11:03 . 2014-07-04 11:03 -------- d-----w- c:\users\Niko\AppData\Roaming\RealNetworks
2014-07-04 11:03 . 2014-07-04 11:03 -------- d-----w- c:\program files (x86)\RealNetworks
2014-07-04 11:03 . 2014-07-04 11:03 -------- d-----w- c:\programdata\RealNetworks
2014-07-04 11:02 . 2014-07-04 11:02 505416 ----a-w- c:\windows\SysWow64\msvcp71.dll
2014-07-04 11:02 . 2014-07-04 11:02 353864 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-07-03 14:35 . 2014-07-11 12:00 257704 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-21 20:55 . 2014-06-21 20:55 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-21 15:32 . 2014-06-21 15:32 -------- d-----w- c:\users\Niko\AppData\Local\Adobe
2014-06-21 15:27 . 2014-06-21 15:27 -------- d-----w- c:\program files (x86)\Common Files\Adobe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 01:00 . 2014-04-15 16:06 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 21:00 . 2014-04-09 01:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-26 20:53 . 2014-05-14 14:29 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2014-05-14 14:29 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-19 19:27 . 2014-06-19 19:27 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-04 15:07 . 2014-06-04 15:07 34032 ----a-w- c:\windows\system32\drivers\seehcri.sys
2014-05-20 22:33 . 2014-05-20 22:33 734208 ----a-w- c:\windows\system32\MetroIntelGenericUIFramework.dll
2014-05-20 22:33 . 2014-05-20 22:33 358912 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2014-05-20 22:33 . 2014-05-20 22:33 294912 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2014-05-20 22:33 . 2014-05-20 22:33 278344 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2014-05-20 22:33 . 2014-05-20 22:33 182784 ----a-w- c:\windows\system32\igfxCoIn_v3621.dll
2014-05-20 22:33 . 2014-05-20 22:33 5120 ----a-w- c:\windows\system32\igfxLHMLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 5120 ----a-w- c:\windows\system32\igfxLHMLib.dll
2014-05-20 22:33 . 2014-05-20 22:33 443720 ----a-w- c:\windows\system32\igfxTray.exe
2014-05-20 22:33 . 2014-05-20 22:33 373248 ----a-w- c:\windows\system32\igfxOSP.dll
2014-05-20 22:33 . 2014-05-20 22:33 31408 ----a-w- c:\windows\system32\igfxexps.dll
2014-05-20 22:33 . 2014-05-20 22:33 30720 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2014-05-20 22:33 . 2014-05-20 22:33 249856 ----a-w- c:\windows\system32\igfxLHM.dll
2014-05-20 22:33 . 2014-05-20 22:33 243528 ----a-w- c:\windows\system32\igfxHK.exe
2014-05-20 22:33 . 2014-05-20 22:33 218808 ----a-w- c:\windows\system32\iglhcp64.dll
2014-05-20 22:33 . 2014-05-20 22:33 190792 ----a-w- c:\windows\system32\igfxext.exe
2014-05-20 22:33 . 2014-05-20 22:33 183800 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2014-05-20 22:33 . 2014-05-20 22:33 1137080 ----a-w- c:\windows\system32\iglhsip64.dll
2014-05-20 22:33 . 2014-05-20 22:33 1132960 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2014-05-20 22:33 . 2014-05-20 22:33 70144 ----a-w- c:\windows\system32\igfxCUIServicePS.dll
2014-05-20 22:33 . 2014-05-20 22:33 69632 ----a-w- c:\windows\system32\igfxDHLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 655360 ----a-w- c:\windows\system32\igfxDH.dll
2014-05-20 22:33 . 2014-05-20 22:33 57856 ----a-w- c:\windows\system32\igfxDHLib.dll
2014-05-20 22:33 . 2014-05-20 22:33 501064 ----a-w- c:\windows\system32\igfxEM.exe
2014-05-20 22:33 . 2014-05-20 22:33 314696 ----a-w- c:\windows\system32\igfxCUIService.exe
2014-05-20 22:33 . 2014-05-20 22:33 267264 ----a-w- c:\windows\system32\igfxDI.dll
2014-05-20 22:33 . 2014-05-20 22:33 212992 ----a-w- c:\windows\system32\igfxDTCM.dll
2014-05-20 22:33 . 2014-05-20 22:33 10752 ----a-w- c:\windows\system32\igfxDILib.dll
2014-05-20 22:33 . 2014-05-20 22:33 10240 ----a-w- c:\windows\system32\igfxEMLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 10240 ----a-w- c:\windows\system32\igfxEMLib.dll
2014-05-20 22:33 . 2014-05-20 22:33 10240 ----a-w- c:\windows\system32\igfxDILibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 254976 ----a-w- c:\windows\system32\igfxCPL.cpl
2014-05-20 22:33 . 2014-05-20 22:33 2023936 ----a-w- c:\windows\system32\igfxcmjit64.dll
2014-05-20 22:33 . 2014-05-20 22:33 187408 ----a-w- c:\windows\system32\igfxcmrt64.dll
2014-05-20 22:33 . 2014-05-20 22:33 182784 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2014-05-20 22:33 . 2014-05-20 22:33 1755648 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2014-05-20 22:33 . 2014-05-20 22:33 158032 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2014-05-20 22:33 . 2014-05-20 22:33 155136 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2014-05-20 22:33 . 2014-01-25 00:22 4590152 ----a-w- c:\windows\system32\igdusc64.dll
2014-05-20 22:33 . 2014-01-25 00:22 3658520 ----a-w- c:\windows\SysWow64\igdusc32.dll
2014-05-20 22:33 . 2014-05-20 22:33 16586584 ----a-w- c:\windows\system32\igdumdim64.dll
2014-05-20 22:33 . 2014-05-20 22:33 433560 ----a-w- c:\windows\system32\igdmd64.dll
2014-05-20 22:33 . 2014-05-20 22:33 348088 ----a-w- c:\windows\SysWow64\igdmd32.dll
2014-05-20 22:33 . 2014-05-20 22:33 1673216 ----a-w- c:\windows\system32\igdrcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33 1551872 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2014-05-20 22:33 . 2014-01-25 00:22 16114320 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2014-05-20 22:33 . 2014-05-20 22:33 3791872 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-05-20 22:33 . 2014-05-20 22:33 23048704 ----a-w- c:\windows\system32\igdfcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33 18032640 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33 330240 ----a-w- c:\windows\system32\igdbcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33 291328 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33 223744 ----a-w- c:\windows\system32\igdde64.dll
2014-05-20 22:33 . 2014-05-20 22:33 183808 ----a-w- c:\windows\SysWow64\igdde32.dll
2014-05-20 22:33 . 2014-05-20 22:33 160256 ----a-w- c:\windows\system32\igdail64.dll
2014-05-20 22:33 . 2014-05-20 22:33 142848 ----a-w- c:\windows\SysWow64\igdail32.dll
2014-05-20 22:33 . 2014-01-25 00:22 17791136 ----a-w- c:\windows\system32\igd10iumd64.dll
2014-05-20 22:33 . 2014-05-20 22:33 8120320 ----a-w- c:\windows\system32\ig7icd64.dll
2014-05-20 22:33 . 2014-05-20 22:33 6364672 ----a-w- c:\windows\SysWow64\ig7icd32.dll
2014-05-20 22:33 . 2014-05-20 22:33 17409536 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2014-05-20 22:33 . 2014-05-20 22:33 4342088 ----a-w- c:\windows\system32\Gfxv4_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 4338504 ----a-w- c:\windows\system32\Gfxv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 929608 ----a-w- c:\windows\system32\GfxUIEx.exe
2014-05-20 22:33 . 2014-05-20 22:33 543560 ----a-w- c:\windows\system32\DPTopologyApp.exe
2014-05-20 22:33 . 2014-05-20 22:33 543048 ----a-w- c:\windows\system32\DPTopologyAppv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 392520 ----a-w- c:\windows\system32\CustomModeApp.exe
2014-05-20 22:33 . 2014-05-20 22:33 392008 ----a-w- c:\windows\system32\CustomModeAppv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 152392 ----a-w- c:\windows\system32\difx64.exe
2014-05-20 02:44 . 2014-05-31 13:10 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-05-31 13:10 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-05-31 13:10 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-05-31 13:10 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-05-31 13:10 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-05-31 13:10 492376 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-05-20 02:44 . 2014-05-31 13:10 416712 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-05-20 02:44 . 2014-05-31 13:10 382240 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-31 13:10 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-05-20 02:44 . 2014-05-31 13:10 335704 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-31 13:10 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2014-05-20 02:44 . 2014-05-31 13:10 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-05-31 13:10 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-05-20 02:44 . 2014-05-31 13:10 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-05-31 13:10 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-05-31 13:10 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-05-31 13:10 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-05-31 13:10 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2014-05-31 13:09 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-05-31 13:09 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-05-31 13:09 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-05-31 13:09 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-31 13:09 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-05-31 13:09 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-31 13:09 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-05-31 13:09 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-05-31 13:09 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-05-31 13:09 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
"LightShot"="c:\users\Niko\AppData\Local\Skillbrains\lightshot\Lightshot.exe" [2014-03-12 226592]
"ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2014-03-25 36247104]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-05-23 466656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-05-23 502328]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-05-08 959904]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2014-07-04 296520]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
c:\users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Niko\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
RealPlayer Cloud Service UI.lnk - c:\program files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [2014-7-4 1022048]
SRS PC Sound.lnk - c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /h [2012-5-8 2170752]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK32.EXE [2012-7-4 603536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean64.exe
.
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 LcUvcUpper;LcUvcUpper Service;c:\windows\system32\DRIVERS\LcUvcUpper.sys;c:\windows\SYSNATIVE\DRIVERS\LcUvcUpper.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel® Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NETwNe64;@oem7.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 8 64-Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys;c:\windows\SYSNATIVE\drivers\seehcri.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-19 13:23 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-661680978-1436471099-98317007-1002Core.job
- c:\users\Niko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-18 11:34]
.
2014-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-661680978-1436471099-98317007-1002UA.job
- c:\users\Niko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-18 11:34]
.
2014-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-16 13:18]
.
2014-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-16 13:18]
.
2014-07-21 c:\windows\Tasks\update-S-1-5-21-661680978-1436471099-98317007-1002.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2014-04-08 16:44]
.
2014-07-20 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2014-04-08 16:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Niko\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-08-27 11577216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"Radio Manager"="c:\program files (x86)\SCM\Radio Manager.exe" [2013-06-28 406920]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2013-06-28 410016]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKCU-Run-SearchProtection - c:\users\Niko\AppData\Roaming\Search Protection\SearchProtection.EXE
Wow6432Node-HKLM-Run-LifeCam - c:\program files (x86)\Microsoft LifeCam\LifeExp.exe
Notify-SDWinLogon - SDWinLogon.dll
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-21  14:07:09
ComboFix-quarantined-files.txt  2014-07-21 12:07
.
Vor Suchlauf: 315,551,629,312 bytes free
Nach Suchlauf: 315,386,114,048 bytes free
.
- - End Of File - - 739C6EEB37D57366ABFAC740282FD2FF
Link to post
Share on other sites


  • Staff

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is an Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

  • I can't foresee everything, so if anything unexpected happens, please stop and inform me!
  • There are no silly questions. Never be afraid to ask if in doubt!

WARNING!!! ComboFix is a complex and very powerful tool that is able to destroy your system completely if run in the wrong hands. It is not intended for everyday use. It should be run only when asked and under the guidance of a trained malware removal expert. Don't run ComboFix on your own!!!

Tell me, what problems do you have?


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
