ComboFix 08-01-23.1C - User 2008-01-27 12:39:25.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1031.18.1673 [GMT 1:00]
ausgeführt von:: C:\Dokumente und Einstellungen\User\Desktop\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((   Dateien erstellt von 2007-12-27 bis 2008-01-27  ))))))))))))))))))))))))))))))
.

2008-01-27 12:39 . 2000-08-31 08:00	51,200	--a------	C:\WINDOWS\Nircmd.exe
2008-01-27 11:09 . 2008-01-27 11:11	<DIR>	d--h-----	C:\WINDOWS\PIF
2008-01-26 12:46 . 2008-01-26 12:46	<DIR>	d--------	C:\WINDOWS\system32\Kaspersky Lab
2008-01-22 14:33 . 2007-05-16 16:45	3,497,832	--a------	C:\WINDOWS\system32\d3dx9_34.dll
2008-01-22 14:33 . 2007-05-16 16:45	1,124,720	--a------	C:\WINDOWS\system32\D3DCompiler_34.dll
2008-01-22 14:33 . 2007-05-16 16:45	443,752	--a------	C:\WINDOWS\system32\d3dx10_34.dll
2008-01-22 14:26 . 2008-01-22 14:26	<DIR>	d--------	C:\Programme\Flagship Studios
2008-01-20 12:24 . 2008-01-20 12:24	156	--a------	C:\WINDOWS\WLP.ini
2008-01-15 15:39 . 2008-01-15 15:36	4,314	--a------	C:\Hellgate London.mds
2008-01-15 14:18 . 2008-01-15 14:18	<DIR>	d--------	C:\Programme\Alcohol Soft
2008-01-15 13:45 . 2008-01-15 13:46	<DIR>	d--------	C:\Hellgate_London_GERMAN-GENESIS
2008-01-15 13:44 . 2008-01-15 13:44	639,224	--a------	C:\WINDOWS\system32\drivers\sptd.sys
2008-01-10 10:59 . 2008-01-10 10:59	<DIR>	d--------	C:\Programme\Monte Cristo
2008-01-09 19:23 . 2008-01-09 19:23	<DIR>	d--------	C:\Programme\Enlight
2008-01-09 12:37 . 2008-01-09 12:37	<DIR>	d--------	C:\Programme\Gemeinsame Dateien\DirectX
2008-01-08 10:55 . 2008-01-08 10:55	<DIR>	d--------	C:\Programme\Reality Pump
2008-01-07 19:34 . 1994-08-24 01:00	188,960	---------	C:\WINDOWS\system\WingDe.dll
2008-01-07 19:34 . 1994-09-21 01:00	92,208	---------	C:\WINDOWS\system\Wing.dll
2008-01-07 19:34 . 1994-09-21 01:00	12,800	---------	C:\WINDOWS\system\Wing32.dll
2008-01-07 19:34 . 1995-07-28 15:00	9,785	---------	C:\WINDOWS\system\DVA.386
2008-01-07 19:34 . 1994-09-21 01:00	6,736	---------	C:\WINDOWS\system\WingDib.drv
2008-01-07 19:34 . 1994-09-21 01:00	5,024	---------	C:\WINDOWS\system\WingPal.wnd
2008-01-07 19:32 . 2008-01-20 12:23	<DIR>	d--------	C:\Programme\Wildlife Park
2008-01-06 11:29 . 2008-01-06 11:29	<DIR>	d--------	C:\Programme\ZOO Digital Publishing
2008-01-03 17:00 . 2008-01-03 17:00	<DIR>	d--------	C:\Programme\Java
2008-01-03 17:00 . 2007-09-24 23:31	69,632	--a------	C:\WINDOWS\system32\javacpl.cpl
2008-01-03 16:59 . 2008-01-03 16:59	<DIR>	d--------	C:\Programme\Gemeinsame Dateien\Java
2007-12-31 22:53 . 2007-12-31 22:53	<DIR>	d--------	C:\Program Files
2007-12-31 22:53 . 2006-08-17 02:46	139,264	--a------	C:\WINDOWS\NeoUninstall.exe
2007-12-31 22:53 . 2007-12-31 23:23	26	--a------	C:\WINDOWS\neosetup.INI
2007-12-27 19:47 . 2007-12-27 20:10	<DIR>	d--------	C:\Programme\World of Warcraft
2007-12-27 19:47 . 2007-12-27 19:47	<DIR>	d--------	C:\Programme\Gemeinsame Dateien\Blizzard Entertainment
2007-12-27 18:44 . 2004-03-14 21:39	73,728	--a------	C:\WINDOWS\system32\GkSui18.EXE

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-22 13:37	107,888	----a-w	C:\WINDOWS\system32\CmdLineExt.dll
2008-01-20 11:22	---------	d--h--w	C:\Programme\InstallShield Installation Information
2008-01-20 11:22	---------	d-----w	C:\Programme\Gemeinsame Dateien\InstallShield
2008-01-10 09:55	---------	d-----w	C:\Programme\Windows Media Connect 2
2007-12-30 13:25	---------	d-----w	C:\Programme\Warcraft III
2007-12-23 15:45	126,976	----a-w	C:\WINDOWS\War3Unin.exe
2007-12-23 14:49	---------	d-----w	C:\Programme\TuneUp Utilities 2007
2007-12-23 14:48	---------	d-----w	C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-12-23 02:09	---------	d-----w	C:\Programme\xchat
2007-12-22 17:37	---------	d-----w	C:\Programme\Google
2007-12-22 07:04	---------	d-----w	C:\Programme\ICQ6
2007-12-21 19:19	221,184	----a-w	C:\WINDOWS\system32\UAService7.exe
2007-12-21 19:18	---------	d-----w	C:\Programme\Atari
2007-12-21 14:15	---------	d-----w	C:\Programme\Electronic Arts
2007-12-21 14:05	---------	d-----w	C:\Programme\Gemeinsame Dateien\AVM
2007-12-21 14:05	---------	d-----w	C:\Programme\FRITZ!DSL
2007-12-21 14:05	---------	d-----w	C:\Programme\FRITZ!BoxPrint
2007-12-21 14:05	---------	d-----w	C:\Programme\FRITZ!Box
2007-12-21 13:55	---------	d-----w	C:\Programme\avmwlanstick
2007-12-20 17:09	---------	d-----w	C:\Programme\Gemeinsame Dateien\Adobe
2007-12-20 16:50	---------	d-----w	C:\Programme\Avira
2007-12-20 16:49	---------	d-----w	C:\Programme\OpenOffice.org 2.3
2007-12-20 16:45	69,632	----a-w	C:\WINDOWS\uinst001.exe
2007-12-20 16:44	---------	d-----w	C:\Programme\Gemeinsame Dateien\Ahead
2007-12-20 16:42	---------	d-----w	C:\Programme\Nero
2007-12-20 16:13	---------	d-----w	C:\Programme\MSBuild
2007-12-20 16:11	---------	d-----w	C:\Programme\Reference Assemblies
2007-12-20 15:16	315,392	----a-w	C:\WINDOWS\HideWin.exe
2007-12-20 15:16	---------	d-----w	C:\Programme\Realtek
2007-12-20 15:14	---------	d-----w	C:\Programme\Intel
2007-12-20 15:07	---------	d--h--w	C:\Programme\Uninstall Information
2007-12-20 14:54	---------	d-----w	C:\Programme\MSXML 6.0
2007-12-20 14:54	---------	d-----w	C:\Programme\MSXML 4.0
2007-12-20 14:54	---------	d-----w	C:\Programme\microsoft frontpage
2007-12-20 14:53	---------	d-----w	C:\Programme\Online-Dienste
2007-12-20 14:52	---------	d-----w	C:\Programme\Gemeinsame Dateien\MSSoap
2007-12-20 14:52	---------	d-----w	C:\Programme\Gemeinsame Dateien\Dienste
2007-12-20 14:39	---------	d-----w	C:\Programme\Gemeinsame Dateien\SpeechEngines
2007-12-20 14:39	---------	d-----w	C:\Programme\Gemeinsame Dateien\ODBC
2007-11-13 20:23	59,392	----a-w	C:\WINDOWS\system32\dmutil.dll
2007-11-13 20:23	52,736	----a-w	C:\WINDOWS\system32\wzcsapi.dll
2007-11-13 20:23	51,712	----a-w	C:\WINDOWS\system32\cnbjmon.dll
2007-11-13 20:23	476,160	----a-w	C:\WINDOWS\system32\wzcsvc.dll
2007-11-13 20:23	47,616	----a-w	C:\WINDOWS\system32\iyuv_32.dll
2007-11-13 20:23	35,328	----a-w	C:\WINDOWS\system32\pid.dll
2007-11-13 20:23	20,992	----a-w	C:\WINDOWS\system32\hid.dll
2007-11-13 20:23	2,019,840	----a-w	C:\WINDOWS\system32\ntkrnlpa.exe
2007-11-13 20:23	17,408	----a-w	C:\WINDOWS\system32\msyuv.dll
2007-11-13 20:23	15,360	----a-w	C:\WINDOWS\system32\pjlmon.dll
2007-11-13 20:23	1,548,288	----a-w	C:\WINDOWS\system32\sfcfiles.dll
2007-11-13 20:21	86,073	----a-w	C:\WINDOWS\system32\usrfaxa.dll
2007-11-13 20:21	8,192	----a-w	C:\WINDOWS\system32\tsbyuv.dll
2007-11-13 20:21	8,192	----a-w	C:\WINDOWS\system32\streamci.dll
2007-11-13 20:21	77,891	----a-w	C:\WINDOWS\system32\usrmlnka.exe
2007-11-13 20:21	77,890	----a-w	C:\WINDOWS\system32\usrdpa.dll
2007-11-13 20:21	77,883	----a-w	C:\WINDOWS\system32\usrrtosa.dll
2007-11-13 20:21	72,192	----a-w	C:\WINDOWS\system32\sprio800.dll
2007-11-13 20:21	70,656	----a-w	C:\WINDOWS\system32\sprio600.dll
2007-11-13 20:21	69,700	----a-w	C:\WINDOWS\system32\usrshuta.exe
2007-11-13 20:21	69,699	----a-w	C:\WINDOWS\system32\usrcoina.dll
2007-11-13 20:21	69,632	----a-w	C:\WINDOWS\system32\spnike.dll
2007-11-13 20:21	61,508	----a-w	C:\WINDOWS\system32\usrprbda.exe
2007-11-13 20:21	61,500	----a-w	C:\WINDOWS\system32\usrcntra.dll
2007-11-13 20:21	57,856	----a-w	C:\WINDOWS\system32\dvdplay.exe
2007-11-13 20:21	53,305	----a-w	C:\WINDOWS\system32\usrlbva.dll
2007-11-13 20:21	49,211	----a-w	C:\WINDOWS\system32\usrvpa.dll
2007-11-13 20:21	49,211	----a-w	C:\WINDOWS\system32\usrsdpia.dll
2007-11-13 20:21	49,209	----a-w	C:\WINDOWS\system32\usrv80a.dll
2007-11-13 20:21	45,116	----a-w	C:\WINDOWS\system32\usrvoica.dll
2007-11-13 20:21	41,019	----a-w	C:\WINDOWS\system32\usrsvpia.dll
2007-11-13 20:21	323,641	----a-w	C:\WINDOWS\system32\usrdtea.dll
2007-11-13 20:21	3,200	----a-w	C:\WINDOWS\system32\wowfax.dll
2007-11-13 20:21	157,696	----a-w	C:\WINDOWS\system32\paqsp.dll
2007-11-13 20:21	147,968	----a-w	C:\WINDOWS\system32\mdwmdmsp.dll
2007-11-13 20:21	14,336	----a-w	C:\WINDOWS\system32\wowfaxui.dll
2007-11-13 20:21	102,457	----a-w	C:\WINDOWS\system32\usrv42a.dll
2007-11-13 20:12	998,912	----a-w	C:\WINDOWS\system32\syssetup.dll
2007-11-13 20:12	282,112	----a-w	C:\WINDOWS\system32\gdi32.dll
2007-11-13 20:12	1,036,288	----a-w	C:\WINDOWS\explorer.exe
2007-11-13 20:11	293,376	----a-w	C:\WINDOWS\system32\winsrv.dll
2007-11-13 20:11	2,140,160	----a-w	C:\WINDOWS\system32\ntoskrnl.exe
2007-11-13 20:11	185,856	----a-w	C:\WINDOWS\system32\upnphost.dll
2007-11-13 20:11	144,896	----a-w	C:\WINDOWS\system32\schannel.dll
2007-11-13 20:11	1,104,896	----a-w	C:\WINDOWS\system32\msxml3.dll
2007-11-13 20:10	981,760	----a-w	C:\WINDOWS\system32\mfc42u.dll
2007-11-13 20:10	927,504	----a-w	C:\WINDOWS\system32\mfc40u.dll
2007-11-13 20:10	73,216	----a-w	C:\WINDOWS\system32\magnify.exe
2007-11-13 20:10	715,776	----a-w	C:\WINDOWS\system32\sxs.dll
2007-11-13 20:10	579,584	----a-w	C:\WINDOWS\system32\user32.dll
2007-11-13 20:10	55,296	----a-w	C:\WINDOWS\system32\narrator.exe
2007-11-13 20:10	50,176	----a-w	C:\WINDOWS\system32\utilman.exe
2007-11-13 20:10	40,960	----a-w	C:\WINDOWS\system32\mf3216.dll
2007-11-13 20:10	36,352	----a-w	C:\WINDOWS\system32\umandlg.dll
2007-11-13 20:10	216,576	----a-w	C:\WINDOWS\system32\osk.exe
2007-11-13 20:10	2,854,400	----a-w	C:\WINDOWS\system32\msi.dll
2007-11-13 20:10	132,096	----a-w	C:\WINDOWS\system32\wkssvc.dll
2007-11-13 20:10	126,976	----a-w	C:\WINDOWS\system32\oledlg.dll
2007-11-13 20:10	1,844,096	----a-w	C:\WINDOWS\system32\win32k.sys
2007-11-13 20:09	72,704	----a-w	C:\WINDOWS\system32\hlink.dll
2007-11-13 20:09	69,120	----a-w	C:\WINDOWS\system32\ciodm.dll
.

((((((((((((((((((((((((((((   Autostart Punkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:57 15360]
"ICQ"="C:\Programme\ICQ6\ICQ.exe" [2007-11-21 01:47 172280]
"swg"="C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-22 18:37 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16:28 16126464 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-04-04 18:22 1822720 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-11-06 10:30 8523776]
"nwiz"="nwiz.exe" [2007-11-06 10:30 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-11-06 10:30 81920]
"NeroFilterCheck"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"avgnt"="C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-20 19:38 249896]
"Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"AVMWlanClient"="C:\Programme\avmwlanstick\FRITZWLANMini.exe" [2006-04-20 15:47 323584]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"

R2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe [2004-08-03 22:58]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-07-03 12:06]
S3 FWLANUSB;AVM FRITZ!WLAN;C:\WINDOWS\system32\DRIVERS\fwlanusb.sys [2006-04-06 01:00]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{559c0630-afcc-11dc-989d-001d607d453e}]
\Shell\AutoRun\command - H:\pushinst.exe

*Newly Created Service* - PROCEXP90 
.
Inhalt des "geplante Tasks" Ordners
"2008-01-04 16:15:33 C:\WINDOWS\Tasks\1-Klick-Wartung.job"
- C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-27 12:40:09
Windows 5.1.2600 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen 
versteckte Dateien: 0 

**************************************************************************
.
Zeit der Fertigstellung: 2008-01-27 12:40:20
.
2008-01-09 17:24:38	--- E O F ---