So, ComboFix has run through (after a reboot). I no longer see any iexplore.exe processes in Task Manager, so I guess it was successful?
Here is the Combofix.txt:
Code:
ComboFix 10-07-07.02 - Peter 08.07.2010 14:38:12.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.2046.1529 [GMT 2:00]
ausgeführt von:: c:\users\Peter\Desktop\cofi.exe
* Im Speicher befindliches AV aktiv.
.
((((((((((((((((((((((( Dateien erstellt von 2010-06-08 bis 2010-07-08 ))))))))))))))))))))))))))))))
.
2010-07-08 12:44 . 2010-07-08 12:44 -------- d-----w- c:\users\Peter\AppData\Local\temp
2010-07-08 12:44 . 2010-07-08 12:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-08 11:23 . 2010-07-08 11:23 -------- d-----w- c:\program files\Common Files\Java
2010-07-08 11:20 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-07 12:56 . 2010-07-07 12:56 -------- d-----w- c:\program files\Bootkit Remover
2010-07-07 10:51 . 2010-07-07 10:51 -------- d-----w- c:\users\Peter\AppData\Roaming\Malwarebytes
2010-07-07 10:50 . 2010-04-29 10:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-07 10:50 . 2010-07-07 10:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-07 10:50 . 2010-07-07 10:50 -------- d-----w- c:\programdata\Malwarebytes
2010-07-07 10:50 . 2010-04-29 10:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-07 10:44 . 2010-07-08 12:28 -------- d-----w- c:\program files\CCleaner
2010-07-07 06:46 . 2009-12-01 08:53 670072 ----a-w- c:\program files\autoruns.exe
2010-06-28 20:41 . 2010-06-28 20:52 -------- d-----w- c:\users\Peter\AppData\Roaming\ImgBurn
2010-06-28 20:17 . 2010-06-28 20:17 -------- d-----w- c:\program files\ImgBurn
2010-06-27 19:45 . 2010-06-27 19:45 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-23 22:45 . 2010-06-24 07:08 -------- d-----w- c:\programdata\NOS
2010-06-23 22:23 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 22:23 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 22:23 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 22:23 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 22:23 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-10 07:11 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-10 07:11 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-10 07:11 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-10 07:11 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-10 07:11 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-08 12:42 . 2009-07-14 08:47 647376 ----a-w- c:\windows\system32\perfh007.dat
2010-07-08 12:42 . 2009-07-14 08:47 127404 ----a-w- c:\windows\system32\perfc007.dat
2010-07-08 12:28 . 2010-01-21 12:19 -------- d-----w- c:\users\Peter\AppData\Roaming\Media Player Classic
2010-07-08 11:59 . 2010-01-29 12:27 -------- d-----w- c:\users\Peter\AppData\Roaming\Skype
2010-07-08 11:58 . 2010-01-21 13:25 -------- d-----w- c:\users\Peter\AppData\Roaming\Azureus
2010-07-08 11:20 . 2010-01-29 16:36 -------- d-----w- c:\program files\Java
2010-07-08 11:18 . 2010-03-29 16:26 33 ----a-w- c:\windows\popcinfo.dat
2010-07-08 10:44 . 2010-01-30 09:46 13025 ----a-w- c:\users\Peter\AppData\Roaming\nvModes.dat
2010-07-04 08:09 . 2010-01-29 16:37 -------- d-----w- c:\program files\JDownloader
2010-07-01 14:57 . 2010-01-22 11:46 -------- d-----w- c:\programdata\Microsoft Help
2010-06-01 10:08 . 2010-01-21 15:19 -------- d-----w- c:\program files\Foxit Reader
2010-05-31 14:53 . 2010-05-31 14:53 -------- d-----w- c:\users\Peter\AppData\Roaming\adma
2010-05-21 12:14 . 2010-01-20 11:45 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-13 00:37 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-10 09:46 . 2010-01-21 13:24 -------- d-----w- c:\program files\Vuze
2010-04-29 13:08 . 2010-01-21 13:52 40904 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2010-04-23 07:13 . 2010-05-26 07:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-02 22:43 . 2010-02-02 22:43 595499 ----a-w- c:\program files\Autoruns.zip
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\AntiVirus\AVKTray\AVKTray.exe" [2009-09-18 924232]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-17 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-17 81920]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-12 118784]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-25 813584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-01-30 691696]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2010-01-21 28616]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\DRIVERS\gdwfpcd32.sys [2010-04-29 40904]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2010-01-21 29992]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [2009-12-07 1128008]
S2 AVKService;G Data Scheduler;c:\program files\G Data\AntiVirus\AVK\AVKService.exe [2009-08-08 397896]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\AntiVirus\AVK\AVKWCtl.exe [2009-11-25 1251488]
S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2010-01-21 55624]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G DATA\GDScan\GDScan.exe [2009-11-26 302152]
S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2010-01-21 35272]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2009-06-17 10384]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-03-15 74240]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-03-15 43904]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-02-08 807424]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about :blank
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\g6v8wy8d.default\
FF - prefs.js: browser.startup.homepage - about :blank
FF - component: c:\program files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}\components\AvkWebFilterFF.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2010-07-08 14:47:00
ComboFix-quarantined-files.txt 2010-07-08 12:47
Vor Suchlauf: 12 Verzeichnis(se), 18.597.707.776 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 18.516.168.704 Bytes frei
- - End Of File - - 597A7822458211038E0EE838841E8EA8