Sicherheitscenter deaktiviert sich ständig

jenny2 · 29.01.2011, 12:05

Hallo,

ich habe das selbe Problem, der Sicherheitscenter deaktiviert sich ständug.
Ich habe den CCLeaner, Malwarebytes, MBR, Hijackthis, OTL und combofix laufen lassen.
Das Problem verschwindet nicht.
Hier der Log combofix:

Code:

ATTFilter

ComboFix 11-01-28.02 - Jenny 29.01.2011  11:26:12.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.1013.455 [GMT 1:00]
ausgeführt von:: e:\users\Jenny\Downloads\cf.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\program files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
e:\programdata\Microsoft\Network\Downloader\qmgr0.dat
e:\programdata\Microsoft\Network\Downloader\qmgr1.dat
e:\users\Jenny\AppData\Local\acxEventlib\Acrocfgdsc.dll
e:\users\Jenny\AppData\Roaming\Local
e:\users\Jenny\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
e:\users\Jenny\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
e:\users\Jenny\AppData\Roaming\Local\Temp\DDM\Settings\stars_cats.eye.ein.supertrio.e33.xvid.avi.ddr
e:\users\Jenny\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\stars_cats.eye.ein.supertrio.e33.xvid.avi.ddp
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\games\GameCategories.xml
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\games\GameTypes.xml
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\guid.dat
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\preferences.dat
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\stats.dat
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\uninstallFF.dat
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\weather\02746d7769634c669fa479cc639a6e02
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\weather\3d4d474e84c72d1e4bfe4c0bc35bdcfe
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\weather\forecasts_cache.xml
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\weather\observations_cache.xml
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\weatherbutton_prefs.xml
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\widgets_cache\category_cache.xml
e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\searchqutb\widgets_cache\widget_cache.xml

----- BITS: Eventuell infizierte Webseiten -----

hxxp://download.windowsupdate.com
e:\windows\system32\userinit.exe . . . ist infiziert!!

.
(((((((((((((((((((((((   Dateien erstellt von 2010-12-28 bis 2011-01-29  ))))))))))))))))))))))))))))))
.

2011-01-29 10:37 . 2011-01-29 10:37	--------	d-----w-	e:\users\Default\AppData\Local\temp
2011-01-29 09:55 . 2011-01-29 09:55	--------	d-----w-	E:\_OTL
2011-01-28 19:54 . 2011-01-28 19:54	--------	d-----w-	e:\windows\system32\sda
2011-01-28 19:53 . 2009-06-24 09:59	167424	----a-w-	e:\windows\system32\drivers\RtsUStor.sys
2011-01-28 19:53 . 2009-06-22 10:51	270336	----a-w-	e:\windows\system32\RtsUStor.dll
2011-01-28 19:49 . 2009-02-02 17:27	7360512	------r-	e:\windows\system32\RTSUSTORicon.dll
2011-01-28 19:46 . 2011-01-28 19:48	--------	d-----w-	E:\Medion
2011-01-28 07:13 . 2010-03-04 04:04	146304	----a-w-	e:\windows\system32\drivers\usbvideo.sys
2011-01-28 07:13 . 2010-03-04 03:57	190976	----a-w-	e:\windows\system32\drivers\ks.sys
2011-01-28 03:07 . 2009-09-10 05:52	257024	----a-w-	e:\windows\system32\msv1_0.dll
2011-01-28 02:07 . 2010-10-19 08:10	7680	----a-w-	e:\program files\Internet Explorer\iecompat.dll
2011-01-28 02:06 . 2009-09-26 05:58	194488	----a-w-	e:\windows\system32\drivers\fvevol.sys
2011-01-28 02:06 . 2010-08-04 06:18	641536	----a-w-	e:\windows\system32\CPFilters.dll
2011-01-28 02:06 . 2010-08-04 06:17	417792	----a-w-	e:\windows\system32\msdri.dll
2011-01-28 02:06 . 2010-08-04 06:15	204288	----a-w-	e:\windows\system32\MSNP.ax
2011-01-28 02:06 . 2010-02-11 07:10	293376	----a-w-	e:\windows\system32\browserchoice.exe
2011-01-28 02:06 . 2010-08-04 06:15	199680	----a-w-	e:\windows\system32\mpg2splt.ax
2011-01-28 02:06 . 2009-12-13 09:30	465408	----a-w-	e:\windows\system32\psisdecd.dll
2011-01-28 02:06 . 2010-03-24 06:37	1286456	----a-w-	e:\windows\system32\ntdll.dll
2011-01-28 02:05 . 2010-07-13 05:22	26504	----a-w-	e:\windows\system32\drivers\Diskdump.sys
2011-01-28 02:05 . 2010-04-07 07:10	571904	----a-w-	e:\windows\system32\oleaut32.dll
2011-01-28 02:05 . 2010-01-18 23:29	365568	----a-w-	e:\windows\system32\secproc_isv.dll
2011-01-28 02:05 . 2010-01-18 23:29	85504	----a-w-	e:\windows\system32\secproc_ssp_isv.dll
2011-01-28 02:05 . 2010-01-18 23:29	369152	----a-w-	e:\windows\system32\secproc.dll
2011-01-28 02:05 . 2010-01-18 23:28	324608	----a-w-	e:\windows\system32\RMActivate_isv.exe
2011-01-28 02:05 . 2010-01-18 23:28	320512	----a-w-	e:\windows\system32\RMActivate.exe
2011-01-28 02:05 . 2010-01-18 23:29	85504	----a-w-	e:\windows\system32\secproc_ssp.dll
2011-01-28 02:05 . 2010-01-18 23:28	277504	----a-w-	e:\windows\system32\RMActivate_ssp_isv.exe
2011-01-28 02:05 . 2010-01-18 23:28	280064	----a-w-	e:\windows\system32\RMActivate_ssp.exe
2011-01-28 01:56 . 2010-06-14 06:12	1286016	----a-w-	e:\windows\system32\drivers\tcpip.sys
2011-01-28 01:56 . 2010-06-19 06:23	37376	----a-w-	e:\windows\system32\rtutils.dll
2011-01-28 01:55 . 2010-08-31 04:32	954752	----a-w-	e:\windows\system32\mfc40.dll
2011-01-28 01:55 . 2010-08-31 04:32	954288	----a-w-	e:\windows\system32\mfc40u.dll
2011-01-28 01:55 . 2010-10-20 04:54	34304	----a-w-	e:\windows\system32\atmlib.dll
2011-01-28 01:55 . 2010-10-20 02:58	294400	----a-w-	e:\windows\system32\atmfd.dll
2011-01-28 01:55 . 2009-10-19 14:10	70656	----a-w-	e:\windows\system32\fontsub.dll
2011-01-28 01:53 . 2010-06-08 06:02	1233920	----a-w-	e:\windows\system32\msxml3.dll
2011-01-28 01:52 . 2010-02-27 07:32	221696	----a-w-	e:\windows\system32\drivers\mrxsmb10.sys
2011-01-28 01:50 . 2010-08-21 05:32	316928	----a-w-	e:\windows\system32\spoolsv.exe
2011-01-28 01:50 . 2010-06-29 04:57	4247040	----a-w-	e:\program files\Windows NT\Accessories\wordpad.exe
2011-01-28 01:50 . 2010-06-29 05:02	1413632	----a-w-	e:\windows\system32\ole32.dll
2011-01-28 01:50 . 2009-10-31 05:45	2614272	----a-w-	e:\windows\explorer.exe
2011-01-28 01:50 . 2009-10-28 06:17	285696	----a-w-	e:\windows\system32\winlogon.exe
2011-01-28 01:50 . 2010-08-21 05:36	224256	----a-w-	e:\windows\system32\schannel.dll
2011-01-28 01:50 . 2010-10-27 04:32	2048	----a-w-	e:\windows\system32\tzres.dll
2011-01-28 01:49 . 2010-08-26 04:39	109056	----a-w-	e:\windows\system32\t2embed.dll
2011-01-28 01:49 . 2010-07-29 06:30	197632	----a-w-	e:\windows\system32\ir32_32.dll
2011-01-28 01:49 . 2010-07-29 06:30	82944	----a-w-	e:\windows\system32\iccvid.dll
2011-01-28 01:49 . 2010-10-12 04:25	516096	----a-w-	e:\program files\Windows Mail\wab.exe
2011-01-28 01:17 . 2011-01-28 20:00	--------	d-----w-	e:\windows\system32\wbem\Performance
2011-01-28 01:15 . 2009-11-25 11:47	99176	----a-w-	e:\windows\system32\PresentationHostProxy.dll
2011-01-28 01:15 . 2009-11-25 11:47	49472	----a-w-	e:\windows\system32\netfxperf.dll
2011-01-28 01:15 . 2009-11-25 11:47	297808	----a-w-	e:\windows\system32\mscoree.dll
2011-01-28 01:15 . 2009-11-25 11:47	295264	----a-w-	e:\windows\system32\PresentationHost.exe
2011-01-28 01:15 . 2009-11-25 11:47	1130824	----a-w-	e:\windows\system32\dfshim.dll
2011-01-28 01:13 . 2009-12-29 06:55	172032	----a-w-	e:\windows\system32\wintrust.dll
2011-01-28 01:13 . 2010-01-09 06:52	132608	----a-w-	e:\windows\system32\cabview.dll
2011-01-28 00:15 . 2011-01-29 09:59	--------	d-----w-	e:\users\Jenny
2011-01-28 00:12 . 2011-01-28 19:49	--------	d-----w-	e:\program files\Realtek
2011-01-28 00:12 . 2011-01-28 00:12	--------	d-----w-	e:\windows\system32\RTCOM
2011-01-28 00:02 . 2011-01-28 00:02	--------	d-----w-	e:\program files\Microsoft Games
2011-01-27 18:59 . 2011-01-28 01:09	218688	----a-w-	e:\windows\system32\drivers\dtsoftbus01.sys
2011-01-27 18:59 . 2011-01-28 00:22	--------	d-----w-	e:\program files\DAEMON Tools Lite
2011-01-27 18:59 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\DAEMON Tools Lite
2011-01-25 11:50 . 2011-01-28 00:21	--------	d-----w-	e:\program files\CCleaner
2011-01-24 19:43 . 2011-01-28 00:24	--------	d-----w-	e:\program files\MOOS Project Viewer
2011-01-24 14:31 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\eMule
2011-01-24 14:30 . 2011-01-28 00:22	--------	d-----w-	e:\program files\eMule
2011-01-24 09:56 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\Spybot - Search & Destroy
2011-01-24 09:56 . 2011-01-28 00:24	--------	d-----w-	e:\program files\Spybot - Search & Destroy
2011-01-24 09:38 . 2010-12-22 18:45	2336384	----a-w-	e:\windows\system32\BootMan.exe
2011-01-24 09:38 . 2010-07-15 07:44	86408	----a-w-	e:\windows\system32\setupempdrv03.exe
2011-01-24 09:38 . 2010-07-15 07:44	8456	----a-w-	e:\windows\system32\EuGdiDrv.sys
2011-01-24 09:38 . 2010-07-15 07:44	14848	----a-w-	e:\windows\system32\EuEpmGdi.dll
2011-01-24 09:38 . 2010-07-15 07:44	14216	----a-w-	e:\windows\system32\epmntdrv.sys
2011-01-24 09:38 . 2011-01-28 00:22	--------	d-----w-	e:\program files\EASEUS
2011-01-23 17:31 . 2011-01-28 00:22	--------	d-----w-	e:\program files\Common Files\Java
2011-01-23 17:30 . 2011-01-23 17:30	472808	----a-w-	e:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-01-23 17:30 . 2011-01-23 17:30	472808	----a-w-	e:\windows\system32\deployJava1.dll
2011-01-23 17:30 . 2011-01-28 00:23	--------	d-----w-	e:\program files\Java
2011-01-23 16:11 . 2011-01-28 00:24	--------	d-----w-	e:\program files\NeoSmart Technologies
2011-01-23 14:02 . 2010-12-20 17:09	38224	----a-w-	e:\windows\system32\drivers\mbamswissarmy.sys
2011-01-23 14:02 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\Malwarebytes
2011-01-23 14:02 . 2011-01-28 00:23	--------	d-----w-	e:\program files\Malwarebytes' Anti-Malware
2011-01-23 14:02 . 2010-12-20 17:08	20952	----a-w-	e:\windows\system32\drivers\mbam.sys
2011-01-22 21:09 . 2011-01-22 21:09	98304	--sha-r-	e:\windows\system32\KBDCZ2N.dll
2011-01-22 20:54 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\Stylus Studio
2011-01-22 19:00 . 2011-01-28 00:25	--------	d-----w-	e:\program files\Stylus Studio 2011 XML Enterprise Suite
2011-01-22 19:00 . 2001-09-05 03:18	225280	----a-w-	e:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-01-22 19:00 . 2001-09-05 03:14	176128	----a-w-	e:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-01-22 19:00 . 2001-09-05 03:13	32768	----a-w-	e:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-01-22 19:00 . 2001-09-05 03:18	77824	----a-w-	e:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-01-22 19:00 . 2002-07-25 16:07	614532	----a-w-	e:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-01-21 20:01 . 2011-01-13 09:41	5890896	----a-w-	e:\programdata\Microsoft\Windows Defender\Definition Updates\{153A74A2-7C80-4104-8497-0ECF76F59C1E}\mpengine.dll
2011-01-20 18:27 . 2010-10-07 06:50	428352	----a-w-	e:\program files\Mozilla Firefox\StubInstaller.exe
2011-01-19 20:13 . 2011-01-28 00:23	--------	d-----w-	e:\program files\Lavalys
2011-01-16 23:48 . 2011-01-28 00:22	--------	d-----w-	e:\program files\Dr.Kawashima_Demo
2011-01-13 10:17 . 2011-01-28 00:26	--------	d-----w-	e:\program files\WinSCP
2011-01-11 23:00 . 2011-01-11 23:00	75776	----a-w-	e:\windows\cadkasdeinst01e.exe
2011-01-10 22:24 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\regid.1986-12.com.adobe
2011-01-10 21:27 . 2011-01-28 00:24	--------	d-----w-	e:\program files\Smart PDF Converter
2011-01-10 21:14 . 2011-01-28 00:24	--------	d-----w-	e:\program files\PDF Converter
2011-01-10 00:24 . 2011-01-28 00:28	--------	d-----w-	e:\windows\uninstall
2011-01-10 00:24 . 2011-01-28 00:26	--------	d-----w-	e:\program files\Wecker 2.2
2011-01-05 13:27 . 2011-01-28 00:22	--------	d-----w-	e:\program files\Common Files\Skype
2011-01-05 13:27 . 2011-01-28 00:24	--------	d-----r-	e:\program files\Skype
2011-01-05 13:27 . 2011-01-28 00:26	--------	d-----w-	e:\programdata\Skype

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-19 15:53 . 2010-12-08 18:11	31552	----a-w-	e:\windows\system32\TURegOpt.exe
2010-11-19 15:49 . 2010-12-08 18:13	21312	----a-w-	e:\windows\system32\authuitu.dll
2010-11-19 15:49 . 2010-12-08 18:13	29504	----a-w-	e:\windows\system32\uxtuneup.dll
2010-11-12 00:44 . 2010-11-12 00:44	94208	----a-w-	e:\windows\system32\dpl100.dll
2010-11-08 22:57 . 2010-11-08 22:57	353592	----a-w-	e:\windows\system32\DivXControlPanelApplet.cpl
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19	94208	----a-w-	e:\users\Jenny\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19	94208	----a-w-	e:\users\Jenny\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19	94208	----a-w-	e:\users\Jenny\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="e:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="e:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"RtHDVCpl"="e:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-16 7547424]
"PDFPrint"="e:\program files\PDF24\pdf24.exe" [2010-12-14 216456]
"SynTPEnh"="e:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-11 1033512]

e:\users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - e:\users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 4 (0x4)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"SpybotSD TeaTimer"=e:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HotKeysCmds"=e:\windows\system32\hkcmd.exe
"Persistence"=e:\windows\system32\igfxpers.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SBSDWSCService;SBSD Security Center Service;e:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 epmntdrv;epmntdrv;e:\windows\system32\epmntdrv.sys [2010-07-15 14216]
R3 EuGdiDrv;EuGdiDrv;e:\windows\system32\EuGdiDrv.sys [2010-07-15 8456]
R3 osppsvc;Office Software Protection Platform;e:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RtsUIR;Realtek IR Driver;e:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TuneUp.UtilitiesSvc;TuneUp Utilities Service;e:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-19 1483072]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;e:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
R4 BroadCamService;BroadCam Video Streaming Server;e:\program files\NCH Software\BroadCam\broadcam.exe [2010-12-10 1175556]
R4 EyelineService;Eyeline Video System;e:\program files\NCH Software\Eyeline\eyeline.exe [2010-12-10 675844]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;e:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-28 218688]
S1 vwififlt;Virtual WiFi Filter Driver;e:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 vpnagent;Cisco AnyConnect VPN Agent;e:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-10-21 592120]
S3 netr28;Ralink 802.11n-Drahtlostreiber für Windows Vista;e:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;e:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
S3 RTL8167;Realtek 8167 NT Driver;e:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 VCam_WDM;e2eSoft VCam;e:\windows\system32\DRIVERS\VCam_WDM.sys [2010-06-30 95840]

.
Inhalt des "geplante Tasks" Ordners
.
.
------- Zusätzlicher Suchlauf -------
.
IE: An OneNote s&enden - e:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - e:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - e:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - e:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - e:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - e:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - e:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - e:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\waujcnsy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - e:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - e:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - e:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - e:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - e:\program files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-Acrocfgdsc - e:\users\Jenny\AppData\Local\acxEventlib\Acrocfgdsc.dll


.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(4076)
e:\users\Jenny\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
e:\program files\WinSCP\DragExt.dll
e:\progra~1\SPYBOT~1\SDHelper.dll
e:\windows\system32\igfxsrvc.dll
e:\windows\system32\igfxrDEU.lrc
.
------------------------ Weitere laufende Prozesse ------------------------
.
e:\windows\system32\rundll32.exe
e:\windows\system32\taskhost.exe
e:\windows\system32\conhost.exe
e:\program files\Synaptics\SynTP\SynTPHelper.exe
e:\program files\Windows Media Player\wmpnetwk.exe
e:\windows\system32\sppsvc.exe
e:\windows\system32\mmc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-01-29  11:44:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-01-29 10:44

Vor Suchlauf: 7 Verzeichnis(se), 137.977.442.304 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 137.266.728.960 Bytes frei

- - End Of File - - 473D5ACA345D385C9EE562A773006CE9

mbr

Code:

ATTFilter

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Professional
Windows Information:		 (build 7600), 32-bit
Base Board Manufacturer:	MEDION
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		MEDION
System Product Name:		E1212
Logical Drives Mask:		0x00000094

Kernel Drivers (total 189):
  0x81E56000 \SystemRoot\system32\ntkrnlpa.exe
  0x81E1F000 \SystemRoot\system32\halmacpi.dll
  0x81CFE000 \SystemRoot\system32\kdcom.dll
  0x86218000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x86290000 \SystemRoot\system32\PSHED.dll
  0x862A1000 \SystemRoot\system32\BOOTVID.dll
  0x862A9000 \SystemRoot\system32\CLFS.SYS
  0x862EB000 \SystemRoot\system32\CI.dll
  0x86419000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8648A000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x86498000 \SystemRoot\system32\DRIVERS\ACPI.sys
  0x864E0000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
  0x864E9000 \SystemRoot\system32\DRIVERS\msisadrv.sys
  0x864F1000 \SystemRoot\system32\DRIVERS\pci.sys
  0x8651B000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
  0x86526000 \SystemRoot\System32\drivers\partmgr.sys
  0x86537000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x8653F000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x8654A000 \SystemRoot\system32\DRIVERS\volmgr.sys
  0x8655A000 \SystemRoot\System32\drivers\volmgrx.sys
  0x865A5000 \SystemRoot\System32\drivers\mountmgr.sys
  0x865BB000 \SystemRoot\system32\DRIVERS\atapi.sys
  0x865C4000 \SystemRoot\system32\DRIVERS\ataport.SYS
  0x865E7000 \SystemRoot\system32\DRIVERS\msahci.sys
  0x865F1000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
  0x86400000 \SystemRoot\system32\DRIVERS\amdxata.sys
  0x86396000 \SystemRoot\system32\drivers\fltmgr.sys
  0x863CA000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8660A000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x86739000 \SystemRoot\System32\Drivers\msrpc.sys
  0x86764000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x86777000 \SystemRoot\System32\Drivers\cng.sys
  0x867D4000 \SystemRoot\System32\drivers\pcw.sys
  0x867E2000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x8683E000 \SystemRoot\system32\drivers\ndis.sys
  0x868F5000 \SystemRoot\system32\drivers\NETIO.SYS
  0x86933000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x86A18000 \SystemRoot\System32\drivers\tcpip.sys
  0x86B61000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x86B92000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
  0x86B9B000 \SystemRoot\system32\DRIVERS\volsnap.sys
  0x86BDA000 \SystemRoot\System32\Drivers\spldr.sys
  0x86958000 \SystemRoot\System32\drivers\rdyboost.sys
  0x86BE2000 \SystemRoot\System32\Drivers\mup.sys
  0x86BF2000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x86985000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x86A00000 \SystemRoot\system32\DRIVERS\disk.sys
  0x869B7000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x86A11000 \SystemRoot\System32\Drivers\Null.SYS
  0x86830000 \SystemRoot\System32\Drivers\Beep.SYS
  0x86811000 \SystemRoot\System32\drivers\vga.sys
  0x863DB000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8681D000 \SystemRoot\System32\drivers\watchdog.sys
  0x867EB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x867F3000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x86600000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x86409000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x86200000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x87A1F000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x87A36000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x87A41000 \SystemRoot\system32\drivers\afd.sys
  0x87A9B000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x87ACD000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x87AD4000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x87AF3000 \SystemRoot\system32\DRIVERS\vwififlt.sys
  0x87B04000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x87B12000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
  0x87B4D000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x87B60000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x87B70000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x87BB1000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x87BBB000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x87BC5000 \SystemRoot\System32\drivers\discache.sys
  0x8A21A000 \SystemRoot\system32\drivers\csc.sys
  0x8A27E000 \SystemRoot\System32\Drivers\dfsc.sys
  0x8A296000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x8A2A4000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x8CC39000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
  0x8D142000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x8CC00000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x8A2C5000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x8A2E4000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
  0x8A329000 \SystemRoot\system32\DRIVERS\netr28.sys
  0x8A3B2000 \SystemRoot\system32\DRIVERS\vwifibus.sys
  0x8A3BC000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0x8D818000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x8D863000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x8D872000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x8D88A000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x8D897000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0x8D8C6000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x8D8C8000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x8D8D5000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0x8D8D9000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x8D8E2000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x8D8F4000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
  0x8D901000 \SystemRoot\system32\DRIVERS\VCam_WDM.sys
  0x8D917000 \SystemRoot\system32\DRIVERS\STREAM.SYS
  0x8D925000 \SystemRoot\system32\DRIVERS\ks.sys
  0x8D959000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x8D96B000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x8D983000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x8D98E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x8D9B0000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x8D9C8000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x8D9DF000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x8D9F6000 \SystemRoot\system32\DRIVERS\rdpbus.sys
  0x8D800000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x8D802000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x8E80C000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x8E850000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x8E861000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x80C2E000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x80E71000 \SystemRoot\system32\drivers\portcls.sys
  0x80EA0000 \SystemRoot\system32\drivers\drmk.sys
  0x80EB9000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x80EC6000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x80ED1000 \SystemRoot\System32\Drivers\dump_msahci.sys
  0x80EDB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x81060000 \SystemRoot\System32\win32k.sys
  0x80EEC000 \SystemRoot\System32\drivers\Dxapi.sys
  0x80EF6000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x80F01000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x80F14000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x80F1B000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x80F26000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x812C0000 \SystemRoot\System32\TSDDD.dll
  0x80F31000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x80F48000 \SystemRoot\System32\Drivers\usbvideo.sys
  0x80F6C000 \SystemRoot\System32\Drivers\RtsUStor.sys
  0x812F0000 \SystemRoot\System32\cdd.dll
  0x80F98000 \SystemRoot\system32\drivers\luafv.sys
  0x80FB3000 \SystemRoot\system32\drivers\WudfPf.sys
  0x80FCD000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x8E880000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x80FDD000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x80FED000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x8E8C6000 \SystemRoot\system32\drivers\HTTP.sys
  0x80C00000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x80C19000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x8E94B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x8E96E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x8E9A9000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0xA5C17000 \SystemRoot\system32\drivers\peauth.sys
  0xA5CAE000 \SystemRoot\System32\Drivers\secdrv.SYS
  0xA5CB8000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0xA5CD9000 \SystemRoot\System32\drivers\tcpipreg.sys
  0xA5CE6000 \SystemRoot\System32\DRIVERS\srv2.sys
  0xA5D35000 \SystemRoot\System32\DRIVERS\srv.sys
  0xA5D86000 \SystemRoot\system32\DRIVERS\asyncmac.sys
  0x77B50000 \Windows\System32\ntdll.dll
  0x47BB0000 \Windows\System32\smss.exe
  0x77D90000 \Windows\System32\apisetschema.dll
  0x00260000 \Windows\System32\autochk.exe
  0x77D20000 \Windows\System32\shlwapi.dll
  0x77AA0000 \Windows\System32\msvcrt.dll
  0x76E50000 \Windows\System32\shell32.dll
  0x76CF0000 \Windows\System32\ole32.dll
  0x76BF0000 \Windows\System32\wininet.dll
  0x76A50000 \Windows\System32\setupapi.dll
  0x769B0000 \Windows\System32\advapi32.dll
  0x767B0000 \Windows\System32\iertutil.dll
  0x77D10000 \Windows\System32\nsi.dll
  0x77CE0000 \Windows\System32\imagehlp.dll
  0x77CA0000 \Windows\System32\ws2_32.dll
  0x76760000 \Windows\System32\Wldap32.dll
  0x76710000 \Windows\System32\gdi32.dll
  0x766B0000 \Windows\System32\difxapi.dll
  0x76630000 \Windows\System32\comdlg32.dll
  0x76610000 \Windows\System32\imm32.dll
  0x77C90000 \Windows\System32\lpk.dll
  0x76530000 \Windows\System32\kernel32.dll
  0x76460000 \Windows\System32\user32.dll
  0x76450000 \Windows\System32\normaliz.dll
  0x763B0000 \Windows\System32\usp10.dll
  0x76300000 \Windows\System32\rpcrt4.dll
  0x76270000 \Windows\System32\oleaut32.dll
  0x76250000 \Windows\System32\sechost.dll
  0x76240000 \Windows\System32\psapi.dll
  0x761B0000 \Windows\System32\clbcatq.dll
  0x760E0000 \Windows\System32\msctf.dll
  0x75FA0000 \Windows\System32\urlmon.dll
  0x75F80000 \Windows\System32\devobj.dll
  0x75F50000 \Windows\System32\wintrust.dll
  0x75F20000 \Windows\System32\cfgmgr32.dll
  0x75E90000 \Windows\System32\comctl32.dll
  0x75E40000 \Windows\System32\KernelBase.dll
  0x75D20000 \Windows\System32\crypt32.dll
  0x75D10000 \Windows\System32\msasn1.dll

Processes (total 42):
       0 System Idle Process
       4 System
     264 E:\Windows\System32\smss.exe
     404 csrss.exe
     460 E:\Windows\System32\wininit.exe
     468 csrss.exe
     516 E:\Windows\System32\services.exe
     548 E:\Windows\System32\winlogon.exe
     568 E:\Windows\System32\lsass.exe
     576 E:\Windows\System32\lsm.exe
     684 E:\Windows\System32\svchost.exe
     764 E:\Windows\System32\svchost.exe
     828 E:\Windows\System32\svchost.exe
     896 E:\Windows\System32\svchost.exe
     944 E:\Windows\System32\svchost.exe
    1088 E:\Windows\System32\svchost.exe
    1200 E:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
    1240 E:\Windows\System32\svchost.exe
    1384 E:\Windows\System32\spoolsv.exe
    1412 E:\Windows\System32\svchost.exe
    1444 E:\Windows\System32\taskeng.exe
    1480 E:\Windows\System32\rundll32.exe
    1656 E:\Windows\System32\taskhost.exe
    1676 E:\Windows\System32\dwm.exe
    1728 E:\Windows\explorer.exe
    1796 E:\Windows\System32\svchost.exe
    1628 E:\Windows\System32\igfxtray.exe
    1592 E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    1748 E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    1756 E:\Program Files\Windows Sidebar\sidebar.exe
    1852 E:\Windows\System32\rundll32.exe
    2092 E:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    2876 E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    3060 E:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    3568 E:\Program Files\Mozilla Firefox\firefox.exe
    3596 E:\Program Files\Windows Media Player\wmpnetwk.exe
    3732 E:\Windows\System32\svchost.exe
    3984 E:\Windows\servicing\TrustedInstaller.exe
    3248 E:\Windows\System32\audiodg.exe
    2980 E:\Windows\System32\dllhost.exe
    3968 E:\Users\Jenny\Downloads\MBRCheck.exe
    3992 E:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`64041600  (NTFS)

PhysicalDrive0 Model Number: ST9160310AS, Rev: SD03    

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

otl

Code:

ATTFilter

OTL Extras logfile created on: 29.01.2011 01:26:56 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = E:\Users\Jenny\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.013,00 Mb Total Physical Memory | 407,00 Mb Available Physical Memory | 40,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
Drive C: | 1,56 Gb Total Space | 0,15 Gb Free Space | 9,36% Space Free | Partition Type: NTFS
Drive E: | 147,49 Gb Total Space | 128,46 Gb Free Space | 87,10% Space Free | Partition Type: NTFS
 
Computer Name: JENNY-NET | User Name: Jenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- E:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- E:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "E:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{668842FC-6827-4B6F-82BF-3828BE6D3007}" = Cisco AnyConnect VPN Client
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C53AA9D3-1FE1-46FA-A4FA-D66D16E8A81B}" = PowerArchiver 2009 German
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE07EBD9-AEC3-4F3B-903F-54DEE3B88178}" = Stylus Studio 2011 XML Enterprise Suite
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BroadCam" = BroadCam Video Streaming Server
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Debut" = Debut Video Capture Software
"DivX Setup.divx.com" = DivX-Setup
"e2eSoft VCam_is1" = e2eSoft VCam v5.1
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 7.0.1 Home Edition
"EasyBCD" = EasyBCD 2.0
"eMule" = eMule
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Eyeline" = Eyeline Video System
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MOOS Project Viewer" = MOOS Project Viewer
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Office14.STANDARD" = Microsoft Office Standard 2010
"PDF Converter_is1" = PDF Converter 3.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VideoPad" = VideoPad Videobearbeitungs-Software
"Wecker 2.2" = Wecker 2.2 2.2
"winscp3_is1" = WinSCP 4.2.9
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DrKawashima_Demo" = Dr Kawashima Demo
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.01.2011 09:08:24 | Computer Name = Jenny-Net | Source = Windows Backup | ID = 4104
Description = 
 
Error - 24.01.2011 09:37:02 | Computer Name = Jenny-Net | Source = Windows Backup | ID = 4104
Description = 
 
Error - 24.01.2011 09:45:09 | Computer Name = Jenny-Net | Source = Windows Backup | ID = 4104
Description = 
 
Error - 25.01.2011 11:19:58 | Computer Name = Jenny-Net | Source = Application Hang | ID = 1002
Description = Programm OUTLOOK.EXE, Version 14.0.4760.1000 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: bf4    Startzeit: 01cbbca31438c2f4    Endzeit: 63    Anwendungspfad: 
E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE    Berichts-ID: 88f4c365-2896-11e0-ae19-0024216246e8

 
Error - 25.01.2011 17:59:11 | Computer Name = Jenny-Net | Source = Application Hang | ID = 1002
Description = Programm integrator.exe, Version 10.0.2020.1 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: b54    Startzeit: 01cbbcc40cd712a1    Endzeit: 1377    Anwendungspfad:
 E:\Program Files\TuneUp Utilities 2011\integrator.exe    Berichts-ID: 458aea20-28ce-11e0-ae19-0024216246e8

 
Error - 27.01.2011 14:59:52 | Computer Name = Jenny-Net | Source = System Restore | ID = 8193
Description = 
 
Error - 27.01.2011 20:49:59 | Computer Name = Jenny-Net | Source = .NET Runtime Optimization Service | ID = 1103
Description = 
 
Error - 27.01.2011 21:07:24 | Computer Name = Jenny-Net | Source = ESENT | ID = 215
Description = WinMail (3528) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 27.01.2011 21:18:38 | Computer Name = Jenny-Net | Source = Microsoft-Windows-LoadPerf | ID = 3009
Description = Die Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl)
 konnten nicht installiert werden. Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 28.01.2011 15:50:24 | Computer Name = Jenny-Net | Source = VSS | ID = 8194
Description = 
 
[ Cisco AnyConnect VPN Client Events ]
Error - 27.01.2011 06:31:41 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
 7578 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 06:31:41 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::genericNoticeHandler File: .\MainThread.cpp Line:
 5613 Invoked Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 06:31:41 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::processNotice File: .\MainThread.cpp Line: 5353
Invoked
 Function: CMainThread::genericNoticeHandler Return Code: -33095647 (0xFE070021) Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 06:31:41 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::noticeHandler File: .\MainThread.cpp Line: 5315
Invoked
 Function: CMainThread::processNotice Return Code: -33095647 (0xFE070021) Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 06:31:41 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::internalCallbackHandler File: .\MainThread.cpp
Line:
 5077 Invoked Function: CMainThread::noticeHandler Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 06:31:41 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::callbackHandler File: .\MainThread.cpp Line: 
5003 Invoked Function: internalCallbackHandler Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 21:05:26 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2460 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 21:05:26 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 21:05:26 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
 7578 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 27.01.2011 21:05:26 | Computer Name = Jenny-Net | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::MainLoop File: .\MainThread.cpp Line: 325 Invoked
 Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
[ System Events ]
Error - 28.01.2011 16:21:50 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1079
 
Error - 28.01.2011 16:22:56 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1079
 
Error - 28.01.2011 16:26:52 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Defender" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1297
 
Error - 28.01.2011 19:57:24 | Computer Name = Jenny-Net | Source = Microsoft-Windows-Kernel-General | ID = 6
Description = 
 
Error - 28.01.2011 20:00:51 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1083
 
Error - 28.01.2011 20:04:41 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1083
 
Error - 28.01.2011 20:05:00 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SBSD Security Center Service" ist vom Dienst "Sicherheitscenter"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 28.01.2011 20:13:07 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1079
 
Error - 28.01.2011 20:22:32 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1079
 
Error - 28.01.2011 20:22:44 | Computer Name = Jenny-Net | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1079
 
 
< End of report >

hijackthis

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:23, on 27.01.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
E:\Windows\system32\Dwm.exe
E:\Windows\Explorer.EXE
E:\Windows\system32\taskhost.exe
E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
E:\Program Files\PDF24\pdf24.exe
E:\Windows\System32\rundll32.exe
E:\Program Files\Synaptics\SynTP\SynTPHelper.exe
E:\Program Files\Windows Sidebar\sidebar.exe
E:\Windows\system32\taskmgr.exe
E:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
E:\Windows\system32\taskhost.exe
E:\Program Files\Stylus Studio 2011 XML Enterprise Suite\bin\struzzo.exe
E:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
E:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
E:\Users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
E:\Windows\regedit.exe
E:\Windows\system32\mmc.exe
E:\Users\Jenny\Downloads\HiJackThis204.exe
E:\Program Files\TuneUp Utilities 2011\Integrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - E:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - E:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {7FF99715-3016-4381-84CE-E4E4C9673020} - (no file)
O4 - HKLM\..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PDFPrint] E:\Program Files\PDF24\pdf24.exe
O4 - HKCU\..\Run: [Acrocfgdsc] rundll32.exe "E:\Users\Jenny\AppData\Local\acxEventlib\Acrocfgdsc.dll",tapinetAgent dbUservga
O4 - HKCU\..\Run: [Sidebar] E:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: Dropbox.lnk = E:\Users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: An OneNote s&enden - res://E:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://E:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: BroadCam Video Streaming Server (BroadCamService) - Unknown owner - E:\Program Files\NCH Software\BroadCam\broadcam.exe
O23 - Service: Eyeline Video System (EyelineService) - Unknown owner - E:\Program Files\NCH Software\Eyeline\eyeline.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - E:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - E:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

--
End of file - 7274 bytes

malwarebytes

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5633

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29.01.2011 01:42:23
mbam-log-2011-01-29 (01-42-23).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 134437
Laufzeit: 5 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Vielen Dank für eure Hilfe

cosinus · 02.02.2011, 21:32

Wieso überliest man wichtige Themen?

http://www.trojaner-board.de/95176-combofix.html

02.02.2011, 21:32	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Sicherheitscenter deaktiviert sich ständig Wieso überliest man wichtige Themen? http://www.trojaner-board.de/95176-combofix.html __________________ __________________

Sicherheitscenter deaktiviert sich ständig

Plagegeister aller Art und deren Bekämpfung: Sicherheitscenter deaktiviert sich ständig

Sicherheitscenter deaktiviert sich ständig

Sicherheitscenter deaktiviert sich ständig

Ähnliche Themen: Sicherheitscenter deaktiviert sich ständig