Pests of all kinds and how to combat them: Logfile from ComboFix ... what now?
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
15.09.2012, 00:55 | #1 |
Logfile from ComboFix ... what now?
Hi everyone, I started ComboFix by mistake. To be on the safe side I did not want to interrupt it and let it run through. Now I have a log file and don't know what to do next. That is, I can't read it and don't know what ComboFix actually does. I have read that uninstalling ComboFix deletes some entries etc. So I have no idea whether I am allowed to uninstall ComboFix. Here is the result of the scan:
ComboFix 12-09-14.03 - nett-marketing 15.09.2012 1:24.3.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1033.18.4095.2505 [GMT 2:00] ausgeführt von:: c:\users\nett-marketing\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2012-08-14 bis 2012-09-14 )))))))))))))))))))))))))))))) . . 2012-09-14 23:31 . 2012-09-14 23:31 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-09-14 23:31 . 2012-09-14 23:31 -------- d-----w- c:\users\nettmarketing\AppData\Local\temp 2012-09-14 23:31 . 2012-09-14 23:31 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-14 20:14 . 2012-09-14 20:14 -------- d-----w- c:\programdata\ALM 2012-09-14 20:10 . 2012-09-14 20:10 -------- d-----w- c:\users\nett-marketing\Adobe Flash Builder 4.6 2012-09-14 20:02 . 2012-09-14 20:02 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared 2012-09-14 20:02 . 2011-11-03 01:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys 2012-09-14 20:02 . 2011-10-17 01:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys 2012-09-14 20:02 . 2011-10-17 01:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys 2012-09-14 20:02 . 2012-09-14 20:02 -------- d-----w- c:\program files (x86)\My Company Name 2012-09-14 12:11 . 
2012-09-14 12:11 -------- d-----w- c:\program files (x86)\Adobe Download Assistant 2012-09-11 12:31 . 2012-09-11 12:31 -------- d-----w- c:\program files (x86)\Elaborate Bytes 2012-09-09 15:56 . 2012-09-14 23:17 -------- d-----w- c:\users\nett-marketing\AppData\Roaming\NVIDIA 2012-08-28 19:14 . 2012-08-28 19:14 -------- d-----w- c:\program files (x86)\TeamViewer 2012-08-24 20:36 . 2012-08-24 20:36 -------- d-----w- c:\programdata\NVIDIA Corporation . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-17 13:37 . 2012-07-31 12:38 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-17 13:37 . 2012-07-31 12:38 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-29 22:45 . 2012-04-07 23:31 955888 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-07-29 22:45 . 2012-04-07 23:31 839152 ----a-w- c:\windows\system32\deployJava1.dll 2012-07-29 17:54 . 2012-07-29 17:53 111104 ----a-w- c:\windows\SysWow64\libvlc.dll 2012-07-18 16:04 . 2012-07-28 22:32 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-07-18 16:04 . 2012-07-28 22:32 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-07-18 16:04 . 2012-07-28 22:32 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-07-05 20:06 . 2012-07-29 13:53 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-07-05 20:06 . 2011-06-25 14:15 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-07-03 01:19 . 2010-03-21 17:25 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-07-31_19.01.19 ))))))))))))))))))))))))))))))))))))))))) . + 2012-02-09 20:43 . 2012-02-09 20:43 61248 c:\windows\SysWOW64\OpenCL.dll + 2011-03-07 02:08 . 2011-03-07 02:08 93552 c:\windows\SysWOW64\ElbyCDIO.dll - 2009-07-14 04:54 . 
2012-07-26 13:15 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-24 20:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-07-26 13:15 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-24 20:36 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-07-26 13:15 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-24 20:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-03-21 17:22 . 2012-09-14 23:34 61772 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-09-14 23:34 41786 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-03-21 16:37 . 2012-09-14 23:34 18424 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1304805427-2328156682-2798200666-1000_UserData.bin + 2011-09-05 17:04 . 2011-09-05 17:04 37264 c:\windows\system32\spool\drivers\x64\3\ADREGP.DLL - 2010-10-25 14:13 . 2010-10-25 14:13 24984 c:\windows\system32\spool\drivers\x64\3\AdobePDFUI.dll + 2011-09-05 17:04 . 2011-09-05 17:04 24984 c:\windows\system32\spool\drivers\x64\3\AdobePDFUI.dll - 2010-10-25 14:13 . 2010-10-25 14:13 53656 c:\windows\system32\spool\drivers\x64\3\AdobePdf.dll + 2011-09-05 17:05 . 2011-09-05 17:05 53656 c:\windows\system32\spool\drivers\x64\3\AdobePdf.dll + 2012-02-09 20:43 . 2012-02-09 20:43 68928 c:\windows\system32\OpenCL.dll - 2012-01-24 08:15 . 2012-03-02 21:58 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat + 2012-01-24 08:15 . 
2012-09-11 15:54 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat + 2011-01-15 16:21 . 2011-01-15 16:21 36352 c:\windows\system32\DriverStore\Temp\{54e2360a-fdca-4bc3-1ce1-1673fe692044}\Vista64\VClone.sys - 2009-07-14 05:30 . 2012-04-20 00:43 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 05:30 . 2012-09-14 20:07 86016 c:\windows\system32\DriverStore\infpub.dat + 2012-02-09 20:43 . 2012-02-09 20:43 68928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\OpenCL64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 61248 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\OpenCL.dll + 2011-09-05 17:04 . 2011-09-05 17:04 24984 c:\windows\system32\DriverStore\FileRepository\adobepdf.inf_amd64_neutral_37dec03d80533e59\Amd64Vista\AdobePDFUI.dll + 2011-09-05 17:05 . 2011-09-05 17:05 53656 c:\windows\system32\DriverStore\FileRepository\adobepdf.inf_amd64_neutral_37dec03d80533e59\Amd64Vista\AdobePdf.dll + 2011-09-05 17:04 . 2011-09-05 17:04 37264 c:\windows\system32\DriverStore\FileRepository\adobepdf.inf_amd64_neutral_37dec03d80533e59\Amd64\ADREGP.DLL + 2011-01-15 16:21 . 2011-01-15 16:21 36352 c:\windows\system32\drivers\VClone.sys + 2010-12-16 22:58 . 2010-12-16 22:58 40816 c:\windows\system32\drivers\ElbyCDIO.sys - 2010-03-22 00:23 . 2012-07-31 17:10 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-03-22 00:23 . 2012-09-14 08:28 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-08-01 09:05 . 2012-09-14 08:28 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-09-14 08:28 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 
2012-07-31 17:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-09-05 17:04 . 2011-09-05 17:04 24984 c:\windows\system32\AdobePDFUI.dll + 2011-09-05 17:05 . 2011-09-05 17:05 53656 c:\windows\system32\AdobePDF.dll + 2009-07-14 04:46 . 2012-09-14 23:34 86960 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2010-03-21 19:13 . 2012-07-31 18:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-03-21 19:13 . 2012-09-14 23:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-03-21 19:13 . 2012-07-31 18:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-03-21 19:13 . 2012-09-14 23:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-09-14 20:03 . 2012-09-14 20:03 23040 c:\windows\Installer\19594a5.msi + 2012-09-14 19:59 . 2012-09-14 19:59 32256 c:\windows\Installer\1959476.msi + 2012-09-14 12:11 . 2012-09-14 12:11 22016 c:\windows\Installer\1236be.msi + 2012-09-14 19:57 . 2012-09-14 19:57 10134 c:\windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}\ARPPRODUCTICON.exe + 2012-09-14 19:54 . 2012-09-14 19:54 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe - 2010-06-04 15:50 . 2010-06-04 15:50 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe - 2010-07-12 23:31 . 2010-07-12 23:31 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe + 2012-09-14 19:57 . 2012-09-14 19:57 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe + 2012-07-31 20:57 . 2012-07-31 20:57 65536 c:\windows\Installer\{44025BD7-AD10-4769-99AE-6378FD0303D6}\DWARPPRODUCTICON.exe + 2012-09-14 20:02 . 
2012-09-14 20:02 53248 c:\windows\Installer\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}\ARPPRODUCTICON.exe + 2012-09-14 20:02 . 2012-09-14 20:02 53248 c:\windows\Installer\{185F9795-9663-4F13-9EF9-307A282ADB5A}\ARPPRODUCTICON.exe + 2012-07-31 20:55 . 2012-07-31 20:55 65536 c:\windows\Installer\{0F022A2E-7022-497D-90A5-0F46746D8275}\EMARPPRODUCTICON.exe - 2012-07-17 23:33 . 2012-07-17 23:33 65536 c:\windows\Installer\{0F022A2E-7022-497D-90A5-0F46746D8275}\EMARPPRODUCTICON.exe + 2012-09-14 19:54 . 2012-09-14 19:54 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe - 2010-07-12 23:30 . 2010-07-12 23:30 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe + 2010-10-25 13:13 . 2010-10-25 13:13 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\ViewerPS.dll + 2010-10-25 13:13 . 2010-10-25 13:13 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PrintInf64.exe + 2010-10-25 13:13 . 2010-10-25 13:13 16808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\piaglbreakfinder.dll + 2010-10-25 13:13 . 2010-10-25 13:13 84896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFPrevHndlr.dll + 2010-10-25 13:13 . 2010-10-25 13:13 28568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\FileDlgExt.dll + 2010-10-25 13:13 . 2010-10-25 13:13 17816 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Exch_AcrobatInfo.exe + 2010-10-25 13:13 . 2010-10-25 13:13 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\acrotextextractor.exe + 2010-10-25 13:13 . 2010-10-25 13:13 97168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AcroIF.dll + 2010-10-25 13:13 . 
2010-10-25 13:13 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AcroIEHelper.dll + 2010-10-25 13:13 . 2010-10-25 13:13 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Acrofx32.dll + 2010-10-25 13:13 . 2010-10-25 13:13 36760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\acrobat_sl.exe + 2012-02-09 20:43 . 2012-02-09 20:43 4096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdetx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 4096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdet.dll - 2012-07-31 18:43 . 2012-07-31 18:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-09-14 23:32 . 2012-09-14 23:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-09-14 23:32 . 2012-09-14 23:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-07-31 18:43 . 2012-07-31 18:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-09-06 23:01 . 2011-09-06 23:01 100848 c:\windows\SysWOW64\vxblock.dll + 2010-03-05 08:13 . 2012-03-12 18:56 947472 c:\windows\SysWOW64\msjava.dll - 2010-03-05 08:13 . 2010-03-05 08:13 947472 c:\windows\SysWOW64\msjava.dll + 2012-08-17 13:37 . 2012-08-17 13:37 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe + 2012-07-31 12:38 . 2012-08-17 13:37 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - 2012-07-31 12:38 . 2012-07-31 12:38 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe + 2011-03-07 00:52 . 2011-03-07 00:52 134512 c:\windows\SysWOW64\ElbyVCD.dll + 2010-03-21 20:06 . 2012-09-07 14:48 294608 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2010-03-26 20:31 . 
2012-09-12 13:15 392596 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2011-09-05 17:05 . 2011-09-05 17:05 464272 c:\windows\system32\spool\drivers\x64\3\ADUIGP.DLL - 2010-10-25 14:13 . 2010-10-25 14:13 464272 c:\windows\system32\spool\drivers\x64\3\ADUIGP.DLL + 2009-07-14 02:36 . 2012-09-11 11:44 652004 c:\windows\system32\perfh009.dat + 2010-03-21 17:38 . 2012-09-11 11:44 694526 c:\windows\system32\perfh007.dat + 2009-07-14 02:36 . 2012-09-11 11:44 120936 c:\windows\system32\perfc009.dat + 2010-03-21 17:38 . 2012-09-11 11:44 147650 c:\windows\system32\perfc007.dat + 2012-08-17 13:37 . 2012-08-17 13:37 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_271_Plugin.exe - 2009-07-14 05:30 . 2012-04-20 00:43 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-09-14 20:07 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2012-04-20 00:43 143360 c:\windows\system32\DriverStore\infstor.dat + 2009-07-14 05:30 . 2012-09-14 20:07 143360 c:\windows\system32\DriverStore\infstor.dat + 2012-02-09 20:43 . 2012-02-09 20:43 962368 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvumdshimx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 812352 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvumdshim.dll + 2012-02-09 20:43 . 2012-02-09 20:43 310592 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvml.dll + 2012-02-09 20:43 . 2012-02-09 20:43 260416 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvinitx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 215360 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvinit.dll + 2012-02-09 20:43 . 2012-02-09 20:43 201024 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvidia-smi.exe + 2012-02-09 20:43 . 
2012-02-09 20:43 202752 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdxgiwrapx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 182080 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdxgiwrap.dll + 2012-02-09 20:43 . 2012-02-09 20:43 324516 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdrsdb.bin + 2012-02-09 20:43 . 2012-02-09 20:43 301376 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdecodemft32.dll + 2012-02-09 20:43 . 2012-02-09 20:43 364352 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdecodemft.dll + 2012-02-09 20:43 . 2012-02-09 20:43 261120 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\Nvd3d9wrapx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 236352 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\Nvd3d9wrap.dll + 2012-02-09 20:43 . 2012-02-09 20:43 224064 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\dbInstaller.exe + 2011-09-05 17:05 . 2011-09-05 17:05 464272 c:\windows\system32\DriverStore\FileRepository\adobepdf.inf_amd64_neutral_37dec03d80533e59\Amd64\ADUIGP.DLL + 2009-07-14 05:38 . 2012-09-12 01:57 262144 c:\windows\system32\config\systemprofile\ntuser.dat - 2009-07-14 05:38 . 2012-03-03 07:02 262144 c:\windows\system32\config\systemprofile\ntuser.dat - 2009-07-14 05:12 . 2012-07-31 12:13 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:12 . 2012-08-13 12:16 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:01 . 2012-09-14 23:31 609628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-04-15 04:48 . 
2012-04-15 04:48 593408 c:\windows\Installer\1959497.msi + 2012-04-15 04:48 . 2012-04-15 04:48 915456 c:\windows\Installer\1959468.msi + 2009-07-12 05:43 . 2009-07-12 05:43 231936 c:\windows\Installer\1959462.msi + 2012-09-14 20:06 . 2012-09-14 20:06 335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe + 2010-10-25 13:13 . 2010-10-25 13:13 109472 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\wcfirefoxextn.dll + 2010-10-25 13:13 . 2010-10-25 13:13 249232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\sqlite.dll + 2010-10-25 13:13 . 2010-10-25 13:13 108864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\spal.dll + 2010-10-25 13:13 . 2010-10-25 13:13 905536 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\solidcore.dll + 2010-10-25 13:13 . 2010-10-25 13:13 133440 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\solid_wxbase_xml.dll + 2010-10-25 13:13 . 2010-10-25 13:13 404800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\securepdfsdk.dll + 2010-10-25 13:13 . 2010-10-25 13:13 147776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\scpdfbridge.dll + 2010-10-25 13:13 . 2010-10-25 13:13 457120 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMPublisher.dll + 2010-10-25 13:13 . 2010-10-25 13:13 106904 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMProject.dll + 2010-10-25 13:13 . 2010-10-25 13:13 641440 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMPowerPoint.dll + 2010-10-25 13:13 . 2010-10-25 13:13 385952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMOfficeAddin.dll + 2010-10-25 13:13 . 
2010-10-25 13:13 319808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\pdfmeta.dll + 2010-10-25 13:13 . 2010-10-25 13:13 528792 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMEngine.dll + 2010-10-25 13:13 . 2010-10-25 13:13 221592 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMakerAPI.dll + 2010-10-25 13:13 . 2010-10-25 13:13 217496 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMAccess.dll + 2010-10-25 13:13 . 2010-10-25 13:13 435520 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\ocr.dll + 2010-10-25 13:13 . 2010-10-25 13:13 135568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\nppdf32.dll + 2010-10-25 13:13 . 2010-10-25 13:13 344480 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\MDKitAdapter.dll + 2010-10-25 13:13 . 2010-10-25 13:13 316824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\ImpCommWord.dll + 2010-10-25 13:13 . 2010-10-25 13:13 858944 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\imagetool.dll + 2010-10-25 13:13 . 2010-10-25 13:13 681872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Exch_JP2KLib.dll + 2010-10-25 13:13 . 2010-10-25 13:13 329104 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Exch_Acrobat.exe + 2010-10-25 13:13 . 2010-10-25 13:13 709528 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Dist_adistres.dll + 2010-10-25 13:13 . 2010-10-25 13:13 821144 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Dist_acrotray.exe + 2010-10-25 13:13 . 2010-10-25 13:13 405912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Dist_acrodist.exe + 2010-10-25 13:13 . 
2010-10-25 13:13 143168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\dbcore.dll + 2010-10-25 13:13 . 2010-10-25 13:13 170816 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\convertercorelight.dll + 2010-10-25 13:13 . 2010-10-25 13:13 685464 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\ContextMenu.dll + 2010-10-25 13:13 . 2010-10-25 13:13 148880 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Aiod.dll + 2010-10-25 13:13 . 2010-10-25 13:13 222920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\ahclient.dll + 2010-10-25 13:13 . 2010-10-25 13:13 952728 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\aecfilter.dll + 2010-10-25 13:13 . 2010-10-25 13:13 226200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\adobeafp.dll + 2010-10-25 13:13 . 2010-10-25 13:13 116624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Adist64.dll + 2010-10-25 13:13 . 2010-10-25 13:13 110480 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Adist.dll + 2010-10-25 13:13 . 2010-10-25 13:13 203680 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\acroscanbroker.exe + 2010-10-25 13:13 . 2010-10-25 13:13 702352 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AcroPDF.dll + 2010-10-25 13:13 . 2010-10-25 13:13 340384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AcroIEFavClient.dll + 2010-10-25 13:13 . 2010-10-25 13:13 294808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\acrobroker.exe + 2010-10-25 13:13 . 2010-10-25 13:13 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\a3dutils.dll + 2005-09-16 14:26 . 
2005-09-16 14:26 114688 c:\windows\Downloaded Installations\Macromedia Dreamweaver 8\DW_Client_Installer.exe + 2012-02-09 20:43 . 2012-02-09 20:43 7713088 c:\windows\SysWOW64\nvwgf2um.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2517312 c:\windows\SysWOW64\nvcuvid.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2437440 c:\windows\SysWOW64\nvcuvenc.dll + 2012-02-09 20:43 . 2012-02-09 20:43 5892928 c:\windows\SysWOW64\nvcuda.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2301248 c:\windows\SysWOW64\nvapi.dll + 2012-08-17 13:37 . 2012-08-17 13:37 9465032 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll + 2012-08-17 13:37 . 2012-08-17 13:37 1536712 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe + 2010-01-12 11:03 . 2012-02-09 20:43 9717568 c:\windows\system32\nvwgf2umx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 1466176 c:\windows\system32\nvgenco64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 1737536 c:\windows\system32\nvdispco64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2672448 c:\windows\system32\nvcuvid.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2872640 c:\windows\system32\nvcuvenc.dll + 2012-02-09 20:43 . 2012-02-09 20:43 8008000 c:\windows\system32\nvcuda.dll + 2010-01-12 11:03 . 2012-02-09 20:43 2660160 c:\windows\system32\nvapi64.dll + 2009-07-14 04:45 . 2012-09-14 23:33 5196304 c:\windows\system32\FNTCACHE.DAT + 2012-02-09 20:43 . 2012-02-09 20:43 9717568 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvwgf2umx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 7713088 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvwgf2um.dll + 2012-02-09 20:43 . 2012-02-09 20:43 1466176 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvgenco64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 1737536 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvdispco64.dll + 2012-02-09 20:43 . 
2012-02-09 20:43 2517312 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcuvid32.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2672448 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcuvid.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2872640 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcuvenc64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2437440 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcuvenc.dll + 2012-02-09 20:43 . 2012-02-09 20:43 5892928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcuda32.dll + 2012-02-09 20:43 . 2012-02-09 20:43 8008000 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcuda.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2660160 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvapi64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 2301248 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvapi.dll - 2009-07-14 04:45 . 2012-07-31 11:55 5984200 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-07-14 04:45 . 2012-09-14 23:33 5984200 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2012-07-31 20:55 . 2012-07-31 20:55 6185472 c:\windows\Installer\505771.msi + 2012-04-15 04:44 . 2012-04-15 04:44 8297472 c:\windows\Installer\1959648.msi + 2012-04-15 04:48 . 2012-04-15 04:48 1436672 c:\windows\Installer\195949f.msi + 2011-04-15 22:14 . 2011-04-15 22:14 3186176 c:\windows\Installer\1959491.msi + 2012-04-15 04:47 . 2012-04-15 04:47 2259968 c:\windows\Installer\195948b.msi + 2012-04-15 04:48 . 2012-04-15 04:48 1997312 c:\windows\Installer\1959450.msi + 2012-04-15 04:48 . 
2012-04-15 04:48 2211328 c:\windows\Installer\1959448.msi + 2010-10-25 13:13 . 2010-10-25 13:13 1876288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\solid_wxbase.dll + 2010-10-25 13:13 . 2010-10-25 13:13 2207632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\rt3d.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1054096 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\pdfport.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1270680 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMWord.dll + 2010-10-25 13:13 . 2010-10-25 13:13 2739608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMOutlook.dll + 2010-10-25 13:13 . 2010-10-25 13:13 2070432 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMLotus_PDFMLotusNotes.dll + 2010-10-25 13:13 . 2010-10-25 13:13 2033040 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMLotus_Lcppn30.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1300888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PDFMExcel.dll + 2010-10-25 13:13 . 2010-10-25 13:13 6445376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\pdflibtool.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1753504 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\OCRLibraryInf.dll + 2010-10-25 13:13 . 2010-10-25 13:13 5002632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\MPS.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1186728 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\JSByteCodeWin.bin + 2010-10-25 13:13 . 2010-10-25 13:13 2795928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Exch_cooltype.dll + 2010-10-25 13:13 . 
2010-10-25 13:13 4728216 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Dist_acrodistdll.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1591712 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\ContextMenu64.dll + 2010-10-25 13:13 . 2010-10-25 13:13 6222744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\authplay.dll + 2010-10-25 13:13 . 2010-10-25 13:13 2893216 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AdobePDFMakerX.dll + 2010-10-25 13:13 . 2010-10-25 13:13 6654360 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AdobePDFL.dll + 2010-10-25 13:13 . 2010-10-25 13:13 1216416 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AdobeCollabSync.exe + 2010-10-25 13:13 . 2010-10-25 13:13 2572712 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Acrobat_Elements.exe + 2005-09-16 14:26 . 2005-09-16 14:26 2003176 c:\windows\Downloaded Installations\Macromedia Dreamweaver 8\WindowsInstaller-KB884016-v2-x86.exe + 2012-02-09 20:43 . 2012-02-09 20:43 19443520 c:\windows\SysWOW64\nvoglv32.dll + 2012-02-09 20:43 . 2012-02-09 20:43 15009600 c:\windows\SysWOW64\nvd3dum.dll + 2012-02-09 20:43 . 2012-02-09 20:43 17543488 c:\windows\SysWOW64\nvcompiler.dll + 2012-02-09 20:43 . 2012-02-09 20:43 25541952 c:\windows\system32\nvoglv64.dll + 2012-02-09 20:43 . 2012-02-09 20:43 17642816 c:\windows\system32\nvd3dumx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 25222976 c:\windows\system32\nvcompiler.dll + 2012-08-17 13:37 . 2012-08-17 13:37 12315336 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll + 2012-02-09 20:43 . 2012-02-09 20:43 25541952 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvoglv64.dll + 2012-02-09 20:43 . 
2012-02-09 20:43 19443520 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvoglv32.dll + 2012-02-09 20:43 . 2012-02-09 20:43 13624128 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvlddmkm.sys + 2012-02-09 20:43 . 2012-02-09 20:43 17642816 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvd3dumx.dll + 2012-02-09 20:43 . 2012-02-09 20:43 15009600 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvd3dum.dll + 2012-02-09 20:43 . 2012-02-09 20:43 71579376 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\NvCplSetupInt.exe + 2012-02-09 20:43 . 2012-02-09 20:43 17543488 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcompiler32.dll + 2012-02-09 20:43 . 2012-02-09 20:43 25222976 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\nvcompiler.dll + 2012-02-09 20:43 . 2012-02-09 20:43 13624128 c:\windows\system32\drivers\nvlddmkm.sys + 2010-11-29 08:34 . 2012-09-14 23:31 42235500 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1304805427-2328156682-2798200666-1000-8192.dat + 2005-09-16 16:07 . 2005-09-16 16:07 69864960 c:\windows\Installer\505775.msi + 2012-04-15 04:48 . 2012-04-15 04:48 12719104 c:\windows\Installer\1959470.msi + 2010-10-25 13:13 . 2010-10-25 13:13 17201560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\webkitag.dll + 2010-10-25 13:13 . 2010-10-25 13:13 51284384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\PreflightLib.dll + 2010-10-25 13:13 . 2010-10-25 13:13 28406160 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\Acrobat.dll + 2005-09-16 16:07 . 
2005-09-16 16:07 69864960 c:\windows\Downloaded Installations\Macromedia Dreamweaver 8\Macromedia_Dreamweaver_8.msi + 2012-04-15 04:44 . 2012-04-15 04:44 113676288 c:\windows\Installer\1959649.msp . -- Snapshot auf jetziges Datum zurückgesetzt -- . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microtek Scanner Finder.lnk - c:\program files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe [2012-2-27 339968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 250056] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296] R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720] R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648] R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216] R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;tsusbhub [x] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240] S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 
86224] S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-12-17 109168] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528] . . Inhalt des "geplante Tasks" Ordners . 2012-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 13:37] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584] "NVRaidService"="c:\windows\system32\nvraidservice.exe" [2009-06-30 291872] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=D7B74F2546A67A0B97E2F8501863F2F8 mLocal Page = c:\windows\SYSTEM32\blank.htm IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html TCP: DhcpNameServer = 192.168.254.254 FF - ProfilePath - c:\users\nett-marketing\AppData\Roaming\Mozilla\Firefox\Profiles\m8tbqzhj.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - about:blank . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1304805427-2328156682-2798200666-1000_Classes\Wow6432Node\CLSID\{42edf80a-5931-47cc-9f47-312476b0f514}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000010d "Therad"=dword:0000001d "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,69,93,bb,24,22,74,13,4c,66,a8,b1,e0,92,ab,\ . [HKEY_USERS\S-1-5-21-1304805427-2328156682-2798200666-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):3b,52,0b,c5,59,28,b6,be,6e,02,7a,46,8f,8f,c8,ac,6a,d8,c7,2a,ee, b8,b4,24,b1,8c,d1,a4,10,70,7b,c2,a2,18,db,29,80,38,c8,95,00,00,00,00,00,00,\ . 
[HKEY_USERS\S-1-5-21-1304805427-2328156682-2798200666-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):6e,8c,14,15,b2,06,59,a9,75,e6,4f,b4,72,c8,8c,a4,34,09,8f,fc,f9, fd,86,70,72,53,94,ef,bc,a0,e2,b0,3c,fe,af,ee,05,7d,c2,b1,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-1304805427-2328156682-2798200666-1000_Classes\Wow6432Node\CLSID\{e81c3f0a-0596-491f-bf82-8f5b7fe7509b}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000001f "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,c3,4d,9e,47,61,a7,8f,c3,2f,e9,ec,3d,5a,92,05,e8,0f,8a,ad,5e,c4,ee,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe c:\xampp\mysql\bin\mysqld.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-09-15 01:38:25 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-09-14 23:38 . Vor Suchlauf: 34 Verzeichnis(se), 504.092.213.248 Bytes frei Nach Suchlauf: 35 Verzeichnis(se), 504.015.986.688 Bytes frei . - - End Of File - - ED3B51A9BED5BED5DF689714CF02F1DD
I would be very glad if someone could help me, and I thank you in advance. Lyci |
15.09.2012, 17:36 | #2 |
/// Malware-holic | Log file from Combofix ... what now? hi
How do you accidentally start a program that you first have to download? :-) Are there any PC problems? |
15.09.2012, 22:23 | #3 |
| Log file from Combofix ... what now? Hi markusg,
yes, I am blonde, but still... ;-) I still had the program from the virus removal shortly before. I only wanted to tidy up my desktop and started the program when I clicked on it. That can happen, can't it? ;-) So? Is everything OK with the log file? Many thanks. Lyci |
17.09.2012, 17:19 | #4 |
/// Malware-holic | Log file from Combofix ... what now? Start, Run, type: combofix/uninstall, Enter. The log looks OK.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
18.09.2012, 21:26 | #5 |
| Log file from Combofix ... what now? Hi Marcusg, uninstall also occurred to me right away, BUT I did not know whether deleting the marked files could still cause some harm! So if the log file is OK and nothing further can happen when uninstalling Combofix, THEN ... here we go. Thank you very much! Best regards, Lyci |
19.09.2012, 18:16 | #6 |
/// Malware-holic | Log file from Combofix ... what now? hi, it does not actually need to be redone unless you want to; if not, please continue: download CCleaner Standard: CCleaner Download - CCleaner 3.22.1800. If CCleaner is already installed, skip this step. Install it, open it, go to Tools, list of installed programs, and save it as a txt file. Open the file. After each program you need, write "necessary". After each one you do not need, write "unnecessary". After each one unknown to you, write "unknown". Post the list. |