If it is not too much trouble for you, I would like to know what this script is supposed to do. According to ComboFix, AntiVir Guard etc. are supposedly still active, but that program was uninstalled quite some time ago. Possibly leftovers in the registry... What bothers me, though, is that ComboFix says it is running. I could not find anything from AntiVir among the processes. After clicking OK 2-3 times, ComboFix ran anyway.
The computer did not restart either. Here is the log:
Code:
ComboFix 11-06-23.01 - Justin 26.06.2011 18:54:39.2.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.6142.4729 [GMT 2:00]
ausgeführt von:: c:\users\Justin\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Justin\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-05-26 bis 2011-06-26 ))))))))))))))))))))))))))))))
.
.
2011-06-26 16:59 . 2011-06-26 16:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-23 21:54 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-23 21:54 . 2011-06-23 21:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-23 20:25 . 2011-06-23 20:25 -------- d-----w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-23 20:24 . 2011-06-23 20:24 -------- d-----w- c:\program files\Enigma Software Group
2011-06-23 20:23 . 2011-06-23 20:43 -------- d-----w- c:\windows\1226A4C56F274C4EAE372B5512DE125A.TMP
2011-06-23 20:23 . 2011-06-23 20:23 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-06-23 20:18 . 2011-06-23 20:18 -------- d-----w- c:\users\Justin\AppData\Local\PackageAware
2011-06-23 10:34 . 2011-06-23 10:35 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-06-23 10:27 . 2011-06-23 10:55 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-23 10:27 . 2011-06-23 10:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-23 10:19 . 2011-06-23 10:19 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 10:19 . 2011-06-23 10:19 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-22 09:10 . 2011-06-24 07:55 270632 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-22 09:10 . 2011-06-23 11:18 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-21 21:40 . 2011-06-21 21:46 -------- d-----w- c:\users\test
2011-06-21 20:15 . 2011-06-21 20:15 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-06-21 20:15 . 2011-06-21 20:15 -------- d-----w- c:\program files\Microsoft Security Client
2011-06-21 09:07 . 2011-06-21 09:07 -------- d-----w- c:\users\Justin\AppData\Local\{AEC54154-E298-420C-A62F-65063180C5A8}
2011-06-20 16:18 . 2011-06-20 16:18 -------- d-----w- c:\users\Justin\AppData\Local\{CF0E8247-F42B-4A51-892E-2486920F1522}
2011-06-20 15:28 . 2011-06-20 15:28 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2011-06-20 10:44 . 2011-06-20 10:44 -------- d-----w- c:\users\Justin\AppData\Local\{08FF1306-6C83-4A00-812F-64BEAF6035B0}
2011-06-20 02:35 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-06-20 01:17 . 2011-06-20 01:17 -------- d-----w- C:\avktmp
2011-06-19 22:52 . 2011-06-20 02:14 -------- d-----w- c:\programdata\nE28247HgJmF28247
2011-06-19 21:45 . 2011-06-19 21:45 -------- d-----w- c:\users\Justin\AppData\Local\{3B49D928-1761-44FE-B5B1-819147491BC0}
2011-06-19 09:44 . 2011-06-19 09:44 -------- d-----w- c:\users\Justin\AppData\Local\{765EC9CA-2B70-4E60-8472-93EB2F03D312}
2011-06-18 23:50 . 2011-06-18 23:50 -------- d-----w- c:\windows\system32\EventProviders
2011-06-18 13:16 . 2011-06-18 13:17 -------- d-----w- c:\users\Justin\AppData\Local\{9458BF69-934D-485C-9E06-69768D52B77E}
2011-06-17 08:32 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1D42E87-0FE9-444A-AECB-F5A9B8D403D9}\mpengine.dll
2011-06-17 08:30 . 2011-06-17 08:30 -------- d-----w- c:\users\Justin\AppData\Local\{0BEF3957-B07A-402A-94DB-EAEADE8B76D9}
2011-06-16 09:46 . 2011-06-16 09:46 -------- d-----w- c:\users\Justin\AppData\Local\{A2A7DF3F-3095-471B-997C-297E5993AA49}
2011-06-15 21:46 . 2011-06-15 21:46 -------- d-----w- c:\users\Justin\AppData\Local\{1C077B33-3059-4718-959D-A9F0FB4F3647}
2011-06-15 19:58 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 19:58 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:58 . 2011-04-25 02:44 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 19:58 . 2011-05-04 02:51 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:58 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:58 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:58 . 2011-05-28 03:07 3133952 ----a-w- c:\windows\system32\win32k.sys
2011-06-15 19:57 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 19:57 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-06-15 19:57 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 19:57 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 19:57 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:57 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 19:57 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:57 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 19:57 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-15 09:45 . 2011-06-15 09:46 -------- d-----w- c:\users\Justin\AppData\Local\{DD28D64C-99FD-495C-9701-FC4FA281B470}
2011-06-14 21:45 . 2011-06-14 21:45 -------- d-----w- c:\users\Justin\AppData\Local\{9F50A274-932B-428A-89FC-941540AECDFF}
2011-06-14 09:45 . 2011-06-14 09:45 -------- d-----w- c:\users\Justin\AppData\Local\{52EDC7F5-E92D-4C26-8D0F-D38856C8492A}
2011-06-13 21:44 . 2011-06-13 21:45 -------- d-----w- c:\users\Justin\AppData\Local\{F810E773-FC2D-4658-8AB0-E5CAD996447B}
2011-06-13 15:01 . 2011-06-13 15:01 -------- d-----w- c:\program files\CrystalDiskMark
2011-06-13 14:56 . 2011-06-13 14:56 -------- d-----w- c:\program files (x86)\HD Tune Pro
2011-06-13 09:44 . 2011-06-13 09:44 -------- d-----w- c:\users\Justin\AppData\Local\{9B15E19D-4575-4204-B61A-6656935099F2}
2011-06-12 09:37 . 2011-06-12 09:37 -------- d-----w- c:\users\Justin\AppData\Local\{18D9A83C-2AC4-4250-ABA5-6592202529E0}
2011-06-11 19:01 . 2011-06-11 19:01 -------- d-----w- c:\programdata\Hewlett-Packard
2011-06-11 19:01 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-06-11 16:56 . 2011-06-11 16:56 -------- d-----w- c:\users\Justin\AppData\Local\{B7CEDDBB-ECA3-49CA-890F-49C258851B20}
2011-06-09 16:06 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2011-06-09 14:40 . 2011-06-09 14:40 -------- d-----w- c:\users\Justin\AppData\Local\{49737F2E-56A7-43A9-B94F-31167011EAEE}
2011-06-08 16:21 . 2011-06-08 16:22 -------- d-----w- c:\users\Justin\AppData\Local\{77838E10-8757-4A04-85BE-77E46522557B}
2011-06-07 14:34 . 2011-06-07 14:34 -------- d-----w- c:\users\Justin\AppData\Local\{E7CFA76D-2785-4D05-B71E-AF152773AE4F}
2011-06-06 14:17 . 2011-06-06 14:17 -------- d-----w- c:\users\Justin\AppData\Local\{8B517B1C-4C64-486C-9A20-5281FDD0CE88}
2011-06-06 10:55 . 2011-06-06 10:55 183696 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-06-06 10:55 . 2011-06-06 10:55 183696 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-06-05 20:39 . 2011-06-05 20:39 -------- d-----w- c:\users\Justin\AppData\Local\{62BD8C7B-95CF-4B49-BAE7-CE2EE89CD45E}
2011-06-05 08:39 . 2011-06-05 08:39 -------- d-----w- c:\users\Justin\AppData\Local\{E28171D1-15C0-4AEF-91EE-F01908D8B40B}
2011-06-04 08:24 . 2011-06-04 08:25 -------- d-----w- c:\users\Justin\AppData\Local\{F92890FF-1BAE-45D4-871A-15A4DAE9C0DB}
2011-06-03 21:45 . 2011-06-03 21:45 -------- d-----w- c:\program files (x86)\DNA
2011-06-03 15:27 . 2011-06-03 15:28 -------- d-----w- c:\users\Justin\AppData\Local\{D8333509-A29D-4ED3-8E12-99E312B5E1BA}
2011-06-02 21:31 . 2011-06-02 21:32 -------- d-----w- c:\users\Justin\AppData\Local\{75922FCE-02E2-4ED0-80F0-9BFDDC191F29}
2011-06-02 21:29 . 2011-06-24 07:55 270632 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-02 21:29 . 2011-06-02 21:29 -------- d-----w- c:\users\Justin\AppData\Local\PunkBuster
2011-06-02 21:26 . 2011-06-23 11:23 270632 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-06-02 19:24 . 2011-06-02 19:24 -------- d-----w- c:\program files (x86)\Pando Networks
2011-06-02 19:24 . 2011-06-23 11:05 -------- d-----w- c:\program files (x86)\GamersFirst
2011-06-02 09:31 . 2011-06-02 09:31 -------- d-----w- c:\users\Justin\AppData\Local\{13102B78-EA9B-4276-B9CE-74866B568C53}
2011-06-01 18:57 . 2011-06-01 18:57 -------- d-----w- c:\users\Justin\AppData\Roaming\Artisteer
2011-06-01 16:58 . 2011-06-01 16:58 -------- d-----w- c:\users\Justin\AppData\Local\{6B492914-CDD5-452C-9E51-C4D644E1AB49}
2011-05-31 19:52 . 2011-05-31 19:52 -------- d-----w- c:\users\Justin\AppData\Local\{E349716F-38C2-45CE-BF80-A6CF311A63CE}
2011-05-30 18:54 . 2011-05-30 19:52 -------- d-----w- c:\users\Justin\.gimp-2.6
2011-05-30 18:54 . 2011-05-30 18:54 -------- d-----w- c:\program files\GIMP-2.0
2011-05-30 17:50 . 2011-05-30 17:50 -------- d-----w- c:\users\Justin\AppData\Local\{8CC7172A-B917-40F7-AE2A-6C99E49BD72B}
2011-05-29 20:29 . 2011-05-29 20:29 -------- d-----w- c:\users\Justin\AppData\Local\{A00A899C-9050-45F5-8281-D9D21A2F82C9}
2011-05-29 08:29 . 2011-05-29 08:29 -------- d-----w- c:\users\Justin\AppData\Local\{38035D52-CDD8-4DAF-82F1-B3BA68C95FB8}
2011-05-28 14:50 . 2011-05-28 14:51 -------- d-----w- c:\users\Justin\AppData\Local\{AB44ACBB-2F7A-4F63-8315-331A3879312E}
2011-05-27 17:31 . 2011-05-27 17:34 -------- d-----w- c:\users\Justin\AppData\Local\{E14A3A57-57B8-4B5E-8586-5C5C0D9751D7}
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-19 18:00 . 2011-05-15 07:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-29 07:11 . 2010-11-26 10:45 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-07 21:57 . 2011-05-07 21:57 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-07 21:57 . 2011-05-07 21:57 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-07 21:57 . 2011-05-07 21:57 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-07 21:57 . 2011-05-07 21:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-07 21:57 . 2011-05-07 21:57 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-07 21:57 . 2011-05-07 21:57 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-07 21:57 . 2011-05-07 21:57 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-07 21:57 . 2011-05-07 21:57 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-07 21:57 . 2011-05-07 21:57 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-07 21:57 . 2011-05-07 21:57 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-07 21:57 . 2011-05-07 21:57 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-07 21:57 . 2011-05-07 21:57 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-07 21:57 . 2011-05-07 21:57 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-07 21:57 . 2011-05-07 21:57 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-07 21:57 . 2011-05-07 21:57 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-07 21:57 . 2011-05-07 21:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-07 21:57 . 2011-05-07 21:57 448512 ----a-w- c:\windows\system32\html.iec
2011-05-07 21:57 . 2011-05-07 21:57 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-07 21:57 . 2011-05-07 21:57 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-07 21:57 . 2011-05-07 21:57 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-07 21:57 . 2011-05-07 21:57 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-07 21:57 . 2011-05-07 21:57 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-07 21:57 . 2011-05-07 21:57 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-07 21:57 . 2011-05-07 21:57 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-07 21:57 . 2011-05-07 21:57 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-07 21:57 . 2011-05-07 21:57 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-07 21:57 . 2011-05-07 21:57 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-07 21:57 . 2011-05-07 21:57 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-07 21:57 . 2011-05-07 21:57 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-07 21:57 . 2011-05-07 21:57 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-07 21:57 . 2011-05-07 21:57 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-07 21:57 . 2011-05-07 21:57 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-07 21:57 . 2011-05-07 21:57 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-07 21:57 . 2011-05-07 21:57 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-07 21:57 . 2011-05-07 21:57 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-07 21:57 . 2011-05-07 21:57 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-07 21:57 . 2011-05-07 21:57 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-07 21:57 . 2011-05-07 21:57 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-04-22 20:18 . 2011-05-25 18:17 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 06:58 . 2011-05-19 11:05 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 20:18 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 20:18 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 20:18 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-19 11:05 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-23_20.45.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-08 15:16 . 2011-06-26 16:46 79742 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-26 16:46 45176 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-08 15:16 . 2011-06-26 16:46 20214 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-911968414-3850360206-3924130046-1000_UserData.bin
+ 2010-11-08 14:26 . 2011-06-23 20:58 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-08 14:26 . 2011-06-23 10:32 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-08 14:26 . 2011-06-23 20:58 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-08 14:26 . 2011-06-23 10:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-23 10:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-23 20:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-06-23 14:03 . 2011-06-23 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-26 16:41 . 2011-06-26 16:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-26 16:41 . 2011-06-26 16:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-23 14:03 . 2011-06-23 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-06-23 12:13 414768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-24 12:34 414768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-18 21:24 . 2011-06-23 20:51 1921440 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-4096.dat
- 2011-05-18 21:24 . 2011-05-25 22:06 1921440 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-4096.dat
+ 2010-12-12 14:45 . 2011-06-24 12:34 1270420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-12288.dat
- 2010-12-12 14:45 . 2011-06-23 12:13 1270420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-12288.dat
+ 2010-11-09 22:23 . 2011-06-24 12:34 13418396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-8192.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-16 1242448]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2010-11-15 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\Justin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz130;cpuz130;c:\users\Justin\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\PerformanceTest\DirectIo.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-10-25 16392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [x]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 56592]
R4 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe [2010-10-08 957712]
R4 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 697616]
R4 ShadowProtectSvc;ShadowProtect Service;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [2010-07-15 1657376]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-01 2271608]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
R4 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\windows\SysWOW64\vsnapvss.exe [2010-07-15 67616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 stcvsm;StorageCraft Volume Snapshot Driver;c:\windows\system32\DRIVERS\stcvsm.sys [x]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-07-09 408584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: Interfaces\{B2FA24B3-6AA5-4134-B690-9474E9EE74B0}: NameServer = 172.16.10.16
TCP: Interfaces\{E94CCF6C-A2FB-4C0A-A7D6-C60261E95A92}: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/index.htm?SearchMashine=true&q=
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BF3FB61-2747-78C2-26D8-DC4CD658160B}*]
"iahbkgmgalimnhpgmp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
6c,6c,00,ed
"habbajmnegncmejp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
6c,6c,00,7b
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CEDD38C2-232B-99BE-57AA-C19FA123AFC6}*]
"maficcaeembonmclkhnnhgmbmn"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,
6b,69,6a,68,64,00,ed
"nalgibjbknjlmbhfchmoobdccado"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,
6c,6b,69,6a,68,64,00,02
"ialgibjbknjlmbhfch"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
68,64,00,00
"haficcaeembonmcl"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
68,64,00,00
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\SecuROM\License information*]
"datasecu"=hex:9d,dc,b2,84,47,89,af,b4,a5,31,90,c6,14,09,0f,fc,6f,17,29,d9,0d,
93,8a,7d,24,eb,2d,c2,d5,0c,0d,28,03,68,e2,e4,fb,be,85,c4,e9,31,d0,41,cf,8a,\
"rkeysecu"=hex:7d,49,f8,a2,ad,e2,f2,ab,f8,15,62,7e,51,d6,fe,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-06-26 19:00:55
ComboFix-quarantined-files.txt 2011-06-26 17:00
ComboFix2.txt 2011-06-23 20:46
.
Vor Suchlauf: 15 Verzeichnis(se), 96.710.262.784 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 96.601.128.960 Bytes frei
.
- - End Of File - - 7F22F70917E693955B03875F37D84B0E