hier das logfile
Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 10-07-15.01 - xxx 15.07.2010 21:31:25.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3000.1748 [GMT 2:00]
ausgeführt von:: c:\users\xxx\Desktop\cofi.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Install.cmd
c:\windows\Ydesoa.exe
.
((((((((((((((((((((((( Dateien erstellt von 2010-06-15 bis 2010-07-15 ))))))))))))))))))))))))))))))
.
2010-07-15 19:40 . 2010-07-15 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-15 18:31 . 2010-07-15 18:31 -------- d-----w- c:\program files\CCleaner
2010-07-15 15:45 . 2010-07-15 15:45 -------- d-----w- c:\users\xxx\AppData\Roaming\Malwarebytes
2010-07-15 15:43 . 2010-04-29 10:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-15 15:43 . 2010-07-15 15:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-15 15:43 . 2010-07-15 15:43 -------- d-----w- c:\programdata\Malwarebytes
2010-07-15 15:43 . 2010-04-29 10:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-14 20:33 . 2010-07-14 20:33 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-14 20:28 . 2010-07-14 21:51 -------- d-----w- c:\programdata\Lavasoft
2010-07-14 20:28 . 2010-07-14 21:51 -------- d-----w- c:\program files\Lavasoft
2010-07-14 13:09 . 2010-07-14 13:09 -------- dc-h--w- c:\programdata\{CBBF61D9-36A1-4A2B-A39A-BFFA9ADBB5D5}
2010-07-14 13:09 . 2009-02-11 11:23 2946584 -c--a-w- c:\programdata\{CBBF61D9-36A1-4A2B-A39A-BFFA9ADBB5D5}\Traktor Setup.exe
2010-07-14 13:09 . 2010-07-14 13:09 -------- d-----w- c:\programdata\Native Instruments
2010-07-14 13:09 . 2009-01-15 11:39 2932576 -c--a-w- c:\programdata\{902029B2-957E-4066-85FA-30DA31731718}\Service Center Setup.exe
2010-07-14 13:09 . 2010-07-14 13:09 -------- dc-h--w- c:\programdata\{902029B2-957E-4066-85FA-30DA31731718}
2010-07-14 13:08 . 2010-07-14 13:09 -------- d-----w- c:\program files\Native Instruments
2010-07-14 13:08 . 2010-07-14 13:08 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-07-09 17:47 . 2010-07-09 17:47 -------- d-----w- c:\users\xxx\AppData\Local\Apple Computer
2010-07-09 17:47 . 2010-07-14 15:43 -------- d-----w- c:\users\xxx\AppData\Roaming\Apple Computer
2010-07-09 17:47 . 2010-07-14 21:51 -------- dc----w- c:\windows\system32\DRVSTORE
2010-07-09 17:47 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-07-09 17:47 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-07-09 17:46 . 2010-07-09 17:46 -------- d-----w- c:\program files\iPod
2010-07-09 17:46 . 2010-07-09 17:47 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-09 17:46 . 2010-07-09 17:47 -------- d-----w- c:\program files\iTunes
2010-07-09 17:45 . 2010-07-09 17:46 -------- d-----w- c:\programdata\Apple Computer
2010-07-09 17:45 . 2010-07-09 17:45 -------- d-----w- c:\program files\QuickTime
2010-07-09 17:44 . 2010-07-09 17:44 -------- d-----w- c:\users\xxx\AppData\Local\Apple
2010-07-09 17:44 . 2010-07-09 17:44 -------- d-----w- c:\program files\Apple Software Update
2010-07-09 17:42 . 2010-07-09 17:42 -------- d-----w- c:\program files\Bonjour
2010-07-09 17:42 . 2010-07-09 17:46 -------- d-----w- c:\program files\Common Files\Apple
2010-07-09 17:42 . 2010-07-09 17:42 -------- d-----w- c:\programdata\Apple
2010-07-01 08:12 . 2010-07-08 08:41 -------- d-----w- c:\users\xxx\AppData\Roaming\HpUpdate
2010-07-01 08:12 . 2010-07-01 08:12 -------- d-----w- c:\windows\Hewlett-Packard
2010-06-24 01:00 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 01:00 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 01:00 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 01:00 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 01:00 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 10:08 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-23 10:08 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 23:02 . 2009-07-07 19:36 -------- d-----w- c:\users\xxx\AppData\Roaming\ICQ
2010-07-14 23:02 . 2009-07-18 19:14 -------- d-----w- c:\users\xxx\AppData\Roaming\Skype
2010-07-14 22:00 . 2009-07-18 19:20 -------- d-----w- c:\users\xxx\AppData\Roaming\skypePM
2010-07-14 20:16 . 2008-01-21 07:15 628742 ----a-w- c:\windows\system32\perfh007.dat
2010-07-14 20:16 . 2008-01-21 07:15 126454 ----a-w- c:\windows\system32\perfc007.dat
2010-07-14 18:18 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 10:56 . 2010-04-27 22:44 -------- d-----w- c:\users\xxx\AppData\Roaming\DivX
2010-07-04 15:00 . 2010-01-26 19:44 -------- d-----w- c:\users\xxx\AppData\Roaming\HP
2010-07-04 14:59 . 2010-01-26 19:25 219077 ----a-w- c:\windows\hpoins46.dat
2010-07-01 08:14 . 2010-01-26 19:27 -------- d-----w- c:\program files\HP
2010-06-27 11:20 . 2009-01-08 16:41 -------- d-----w- c:\program files\Google
2010-06-26 09:52 . 2009-07-11 20:55 -------- d-----w- c:\program files\Microsoft.NET
2010-06-16 17:55 . 2009-09-20 16:31 -------- d-----w- c:\program files\ICQ6.5
2010-06-15 18:01 . 2010-06-15 18:01 72504 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-05 11:39 . 2010-06-05 11:39 501872 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbDE37.tmp.exe
2010-06-04 05:18 . 2010-05-11 21:26 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-04 05:18 . 2010-05-11 21:16 -------- d-----w- c:\programdata\DivX
2010-06-04 05:16 . 2010-05-11 21:21 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-06-04 05:16 . 2010-05-11 21:21 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-05-28 20:12 . 2009-07-16 15:50 -------- d-----w- c:\program files\EPSON
2010-05-27 04:09 . 2009-01-08 16:43 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-26 17:06 . 2010-06-11 19:45 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 19:45 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-10-03 20:16 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 23:41 . 2010-05-20 23:41 144053 ----a-w- c:\users\xxx\AppData\Roaming\Move Networks\uninstall.exe
2010-05-20 23:41 . 2010-05-20 23:41 -------- d-----w- c:\users\xxx\AppData\Roaming\Move Networks
2010-05-20 23:41 . 2010-02-11 19:31 5640640 ----a-w- c:\users\xxx\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll
2010-05-19 18:58 . 2010-05-19 18:58 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-19 18:58 . 2010-05-19 18:58 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-19 18:58 . 2010-05-19 18:58 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-19 18:58 . 2010-05-19 18:58 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-19 18:58 . 2010-05-19 18:58 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-19 18:58 . 2010-05-19 18:58 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-19 18:58 . 2010-05-19 18:58 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-19 18:58 . 2010-05-19 18:58 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-19 18:58 . 2010-05-19 18:58 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-19 18:58 . 2010-05-19 18:57 -------- d-----w- c:\program files\Common Files\Real
2010-05-19 18:58 . 2010-05-19 18:57 -------- d-----w- c:\program files\Real
2010-05-19 18:58 . 2010-05-19 18:58 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-05-18 14:35 . 2010-05-18 14:35 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-11 21:20 . 2010-05-11 21:20 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-05-11 21:20 . 2010-05-11 21:20 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-05-11 21:20 . 2010-05-11 21:20 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-05-11 21:20 . 2010-05-11 21:20 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-05-10 21:00 . 2010-05-10 21:00 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbDABA.tmp.exe
2010-05-04 19:15 . 2010-06-11 19:45 834048 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 18:37 . 2010-06-11 19:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-01 14:13 . 2010-06-11 19:45 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:13 . 2010-05-26 18:20 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-28 16:44 . 2009-07-08 05:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe " [2008-04-28 1828136]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-04 6265376]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-28 30192]
"SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2008-07-07 1038136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-12 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-12 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-12 145944]
"Skytel"="Skytel.exe" [2008-08-04 1833504]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-19 202256]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
" Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
VPN Client.lnk - c:\windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico [2009-8-3 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):b9,30,34,28,65,52,ca,01
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca0003ad71aad0;Google Update Service (gupdate1ca0003ad71aad0);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 133104]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-28 30192]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 ETService;Empowering Technology Service;c:\program files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [2008-07-16 24576]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-07-29 418816]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
2010-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 19:38]
2010-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 19:38]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://potsdam-lounge.foren-city.de/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0209&m=easynote_mh36
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\vkfsob7o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://potsdam-lounge.foren-city.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\xxx\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
HKLM-Run-eRecoveryService - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-07-15 21:40
Windows 6.0.6002 Service Pack 2 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
.
Zeit der Fertigstellung: 2010-07-15 21:43:01
ComboFix-quarantined-files.txt 2010-07-15 19:42
Vor Suchlauf: 7 Verzeichnis(se), 219.608.571.904 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 219.523.203.072 Bytes frei
- - End Of File - - F37D90EBAF48224BF5F78AD2941EC4EE
15.07.2010, 20:49
Baum-Darstellung